Vulnerability Details CVE-2018-5299
A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.119
EPSS Ranking 93.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-5299
-
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3r1
-
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3r1.1
-
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3r2
-
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3r2.1
-
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.3r3
-
cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r1
-
cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r2
-
cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r2.1
-
cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4r3