Vulnerability Description
Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.
CVSS Score
5.8
MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ivanti | Connect Secure | 8.2 |
| Pulsesecure | Pulse Connect Secure | 8.1r1.0 |
References
- http://www.securitytracker.com/id/1035932
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40208Vendor Advisory
- http://www.securitytracker.com/id/1035932
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40208Vendor Advisory
FAQ
What is CVE-2016-4788?
CVE-2016-4788 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers to read an unspecified system file via unknown vectors.
How severe is CVE-2016-4788?
CVE-2016-4788 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-4788?
Check the references section above for vendor advisories and patch information. Affected products include: Ivanti Connect Secure, Pulsesecure Pulse Connect Secure.