CVE-2018-6320

high-risk

Published 2018-09-06

A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an http(s) Host header received from the browser is trusted without validation.

Do I need to act?

~

3.2% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

9

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (18)

Connect Secure

Pulse Connect Secure

Pulse Connect Secure

Pulse Connect Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Pulse Policy Secure

Affected Vendors

Pulsesecure Ivanti

References (2)

Vendor Advisory https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877

Vendor Advisory https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877

57

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 6/34 · Minimal

Exposure 19/34 · Moderate