CVE-2016-4787
Published May 26, 2016
Last updated 9 months ago
Overview
- Description
- Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read sensitive system authentication files in an unspecified directory via unknown vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 10
- Impact score
- 5.8
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52840E34-91BB-4E44-BE85-B50CDE4D2EDD"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2BCE3E8-ED64-4CCD-9A3F-3D99476B81E1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A1A7B1C-EF34-4F63-AE11-75DB8DCBF9F1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "202E4839-7CE4-49CE-BEE1-CB33A96770E7"
},
{
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1r1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2037BE1-408C-47E8-8A70-8440BF3A1ED6"
}
],
"operator": "OR"
}
]
}
]