CVE-2019-11539 - Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
Project:Ivanti
Product:Pulse Connect Secure and Pulse Policy Secure
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
Description
Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-11539