Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Secure access series ssl vpn sa-4000'
2018-12-21
CVE-2018-20193
CWE-269
Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed. Specifically, it is possible for a readonly user to change the administrator user password by making a local copy of the /dana-admin/user/update.cgi page, changing the "user" value, and saving the changes.
>>>
Vendor:
Pulsesecure
15
Produkty
Pulse connect secure
Client
Steel belted radius
Odyssey access client
Pulse secure desktop
Pulse secure security
Standalone pulse installer service
Pulse policy secure
Pulse one on-premise
Plus secure desktop
Pulse secure desktop client
Virtual traffic manager
Secure access series ssl vpn sa-4000
Pulse secure virtual application delivery controller
Pulse secure installer service
Copyright
2024
, cxsecurity.com
Back to Top