CVE-2019-11539 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2019-11539

Ivanti | Pulse Connect Secure and Pulse Policy SecureAdded 2021-11-03Remediation Deadline 2022-05-03Active Ransomware Campaign

Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability

Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-78

References

https://nvd.nist.gov/vuln/detail/CVE-2019-11539