CVE-2017-11455

high-risk

Published 2017-08-29

diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators for requests to start tcpdump, related to the lack of anti-CSRF tokens.

Do I need to act?

0.56% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (20)

Pulse Connect Secure

Pulse Policy Secure

Affected Vendors

Ivanti Pulsesecure

References (6)

Third Party Advisory http://www.securityfocus.com/bid/100530

Third Party Advisory http://www.securitytracker.com/id/1039242

Vendor Advisory https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40793

Third Party Advisory http://www.securityfocus.com/bid/100530

Third Party Advisory http://www.securitytracker.com/id/1039242

Vendor Advisory https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40793

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 2/34 · Minimal

Exposure 25/34 · High