High severity8.6NVD Advisory· Published May 26, 2016· Updated Jun 17, 2026
CVE-2016-4791
CVE-2016-4791
Description
The administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote administrators to enumerate files, read arbitrary files, and conduct server side request forgery (SSRF) attacks via unspecified vectors.
Affected products
6cpe:2.3:a:ivanti:connect_secure:8.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ivanti:connect_secure:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:connect_secure:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ivanti:connect_secure:8.2:*:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:7.4:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:pulsesecure:pulse_connect_secure:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1r1.0:*:*:*:*:*:*:*
- (no CPE)range: <8.2r1, <8.1r2, <8.0r9, <7.4r13.4
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.