CVE-2019-11510β€”Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability

PUBLISHEDvulnerability record
2021-11-03 Β· last modified December 22, 2025

Metadata

CVE ID:
CVE-2019-11510
Project:
Ivanti
Product:
Pulse Connect Secure
Date Added:
2021-11-03
Due Date:
2022-05-03
Last Updated:
December 22, 2025

Vulnerability Name

Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability

Description

Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
KNOWN

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses