CVE-2019-11507

Risk Scores

Affected Products

Exploit Intelligence

• https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ (nist-nvd)
• https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf (nist-nvd)
• CIRCL confirmed: CVE-2019-11507 (circl-sighting)
• CIRCL seen: CVE-2019-11507 (circl-sighting)
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516 (circl)
• VU#927237 (circl)
• 108073 (circl)
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/ (circl)
• https://kb.pulsesecure.net/?atype=sa (circl)
• Nuclei Template: CVE-2019-11507 (nuclei-template)

…and 5 more exploits

Timeline

• May 8, 2019 CVE Published
• Apr 14, 2021 EPSS Score
• Aug 24, 2021 EPSS Score
• Oct 26, 2021 EPSS Score
• Jan 6, 2022 EPSS Score
• Feb 4, 2022 EPSS Score
• Apr 1, 2022 EPSS Score
• May 1, 2022 EPSS Score
• Sep 4, 2022 EPSS Score
• Nov 6, 2022 EPSS Score
• Mar 7, 2023 EPSS Score
• Mar 25, 2023 EPSS Score

References

• https://kb.pulsesecure.net/?atype=sa url
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/ url
• 108073 vdb
• https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf url
• https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ url
• VU#927237 third-party-advisory
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516 url
• https://nvd.nist.gov/vuln/detail/CVE-2019-11507 advisory
• https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study url
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 url
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516/?kA23Z000000L6i5SAC advisory