Unspecified SSRF and File Enumeration Vulnerability in Pulse Connect Secure

CVE-2016-4791 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.

Learn more about our Cis Benchmark Audit For Server Software.