Unspecified SSRF and File Enumeration Vulnerability in Pulse Connect Secure
CVE-2016-4791 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:P/A:N
The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.
Learn more about our Cis Benchmark Audit For Server Software.