{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2019-10-16T17:06:17.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"https://kb.pulsesecure.net/?atype=sa"},{"tags":["x_refsource_CONFIRM"],"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"},{"name":"VU#927237","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"https://www.kb.cert.org/vuls/id/927237"}],"x_ConverterErrors":{"cvssV3_0":{"error":"CVSSV3_0 data from v4 record is invalid","message":"Missing mandatory metrics \"AV\""}},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2019-11509","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 and Pulse Policy Secure (PPS) before 5.1R15.1, 5.2 before 5.2R12.1, 5.3 before 5.3R15.1, 5.4 before 5.4R7.1, and 9.0 before 9.0R3.2, an authenticated attacker (via the admin web interface) can exploit Incorrect Access Control to execute arbitrary code on the appliance."}]},"impact":{"cvss":{"attackComplexity":"HIGH","availabilityImpact":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.0/AC:H/A:H/C:H/I:H/PR:H/S:U/UI:R","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://kb.pulsesecure.net/?atype=sa","refsource":"MISC","url":"https://kb.pulsesecure.net/?atype=sa"},{"name":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/","refsource":"CONFIRM","url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"},{"name":"VU#927237","refsource":"CERT-VN","url":"https://www.kb.cert.org/vuls/id/927237"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T22:55:40.698Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://kb.pulsesecure.net/?atype=sa"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/"},{"name":"VU#927237","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"https://www.kb.cert.org/vuls/id/927237"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2019-11509","datePublished":"2019-06-03T19:34:46.000Z","dateReserved":"2019-04-24T00:00:00.000Z","dateUpdated":"2024-08-04T22:55:40.698Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}