Vulnerability in Ivanti Connect_secure

CVE-2019-11509

In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9…

EPSS: 0.078 (93.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

References

  • cve@mitre.org (x_refsource_MISC, Vendor Advisory)
  • cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
  • cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2019-11509?
CVE-2019-11509 is a high-severity vulnerability in Ivanti Connect_secure. CVSS score: 8.8/10. Published 2019-06-03.
How severe is CVE-2019-11509?
High severity. CVSS v3 base score is 8.8 out of 10.