Risk Scores
CVSS v3.0
7.699999809265137
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:C/UI:N
EPSS Score
3.26%
87.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| ivanti | connect_secure | 8.1, 8.1, 8.1 |
Timeline
- CVE Published
- Aug 10, 2019 PoC Published
- Dec 2, 2019 PoC Published
- Feb 25, 2021 PoC Published
- Apr 14, 2021 EPSS Score
- Jul 29, 2021 PoC Published
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Jun 18, 2024 PoC Published
- Mar 17, 2025 EPSS Score
- Mar 24, 2025 EPSS Score
References
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 url
- 108073 vdb
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010 url
- https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf url
- https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/ url
- VU#927237 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-11538 advisory
- https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study url