CVE-2018-20812

Published Jun 28, 2019
Last updated 5 years ago
CVSS high 7.5
Overview

Description: An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-200
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r1.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6FEAC7A-DC46-4334-B631-BB5DDD28D7EB"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r10.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "478845B1-EB76-4E26-BC63-983FD0C81302"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r11.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5888F242-DD03-4452-A16D-63AE9F2F3C93"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r11.1:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AD8B7C8-5BBB-421A-A4D3-CD8E6BA2FD6D"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r12.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EF0D642-D3CC-43D6-8C3B-DEF74598B849"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r13.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E2DD454-6B88-4831-84C8-5C220D4B2535"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r2.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CA76304-E77F-40FB-94AE-7FAB05E8898D"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r3.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B96B4E1-B80C-4D71-A7CF-8465A1B9EE84"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r4.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "733ACB57-E4B2-4E2E-A21D-E007FA118327"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r5.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3154F445-7DE0-4E14-8F4F-291B12AC49E5"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r6.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E5E8C37-B618-4E2C-AAB7-8A417BCB10B6"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r7.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7D60E02-F823-4898-A7F8-76763192115F"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r8.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D7BF91F-67EA-4F22-9A72-455E89C9EF63"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.0:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC88C4B6-763E-4BD2-8F4A-A1BD10EF789B"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.1:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C6939F9-1822-43A2-8603-75E64D445CAB"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:4.0:r9.2:*:*:*:mac_os_x:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A24A6C6D-432A-4883-A208-AC2EA1704977"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r1.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "053DFC37-B75B-410B-8C8F-29B2F05B3A36"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r1.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7720FB6-CE48-4BC2-A9BF-FC6584F2E859"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r10.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA15F6D3-5768-4246-B299-3DB71B22DCB4"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r11.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "220B3F40-7087-4DDE-B9BC-C7C30A37BDA3"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r11.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C8FA812-6F71-4397-980A-AE1E215F8B49"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r12.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EB94E2D-8601-4107-9294-57359FD80382"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r13.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCFDE7A5-545B-4993-B01E-B658C27D39BA"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r14.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A61B224-89FB-4493-87D6-284ABDB0B168"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r2.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E870F9B-80CF-4750-9AD6-05102B212179"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r3.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "193FD9D7-0EE6-44FE-9D52-1F73BF3F09F8"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r3.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBFFF1C0-97D1-448F-B61B-9DEA7A0B6F0B"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r4.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C0A57F1-4C29-4A2F-A07D-E0F1CAB49AA0"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r5.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C07FA018-8BA9-4EB6-AED4-71BD041BB17C"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r6.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70891236-B587-429C-8662-17C89FBC5A15"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r7.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30A98DE4-A9FB-459B-B9C9-82B39755D202"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r8.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71DD19B3-19E8-4370-AE16-2768BF99AD5D"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r9.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9593E2D-37E8-441A-8DD0-B54D7F7450EE"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1:r9.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41B3306E-DF2E-4290-9CEF-B390EAEF1613"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1r:3.2:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10EA7C78-01D5-4FD5-BED9-9BE2ED6CFB62"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.1r:5.0:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3630DC6-E573-464E-8998-CAED241C66A7"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05F11D9B-5D48-4458-A538-000E514ADB07"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r1.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24DEA646-6F9A-4A34-9FC3-2BD4044FE49D"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r2:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D173E98-823F-42B7-8175-5D1530B2C4A0"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r3:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E18D76D-36C3-47E4-A510-1E0D14C9FDFE"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "477BE870-ED64-4B86-9379-27BEC443FDF9"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6F67A14-544D-4613-A016-C538ABA61051"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r4.2:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42808ADA-F28D-4861-AA02-457D355F5959"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r5:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8596020-8A36-441F-BC49-97AEF89E2320"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r5.2:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "314B227A-A368-40D8-98C2-17C771ABDA08"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r6:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "306CC768-4C7A-443E-9193-423B9269CF0C"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:5.3:r7:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A33BEE3-3BA3-47B8-A71D-F1AAD153E798"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EF60FD2-060C-456D-A737-E27097C2F021"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r2:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01FF161B-A5D0-4F70-922F-D8BABEE1780F"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r2.1:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D42A0430-607B-49E7-A7F5-2C7AD8F3ED9F"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r3:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8CA2E37-99C9-4E86-8808-04C7957CEEF0"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r3.2:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2208338F-6193-41BA-AA5F-9F8F49576AC0"
          },
          {
            "criteria": "cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.0:r4:*:*:*:macos:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8200F10B-D6C9-49D9-BEBB-5174A5CF758A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
