Vulnerability Details : CVE-2016-4791
The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.
Vulnerability category: Server-side request forgery (SSRF)
Products affected by CVE-2016-4791
- cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1r1.0:*:*:*:*:*:*:*
- cpe:2.3:a:pulsesecure:pulse_connect_secure:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:connect_secure:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:connect_secure:8.2:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:connect_secure:8.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4791
0.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 48 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4791
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST | |
|
8.6
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N |
3.9
|
4.0
|
NIST |
References for CVE-2016-4791
-
http://www.securitytracker.com/id/1035932
Pulse Connect Secure Bugs Let Remote Users Deny Service, Obtain Potentially Sensitive Information, and Conduct Cross-Site Scripting Attacks - SecurityTracker
-
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40210
Pulse Security Advisory: SA40210 - [Pulse Secure] Information disclosure possible on admin UI (CVE-2016-4791)Vendor Advisory
Jump to