High severity7.2NVD Advisory· Published Apr 26, 2019· Updated Jun 17, 2026
CVE-2019-11542
CVE-2019-11542
Description
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, an authenticated attacker (via the admin web interface) can send a specially crafted message resulting in a stack buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <9.0R3.4, <8.3R7.1, <8.2R12.1, <8.1R15.1
- Range: <9.0R3.2, <5.4R7.1, <5.3R12.1, <5.2R12.1, <5.1R15.1
Patches
Vulnerability mechanics
References
6- devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study/nvdExploitThird Party Advisory
- i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdfnvdExploitThird Party Advisory
- www.securityfocus.com/bid/108073nvdBroken LinkThird Party AdvisoryVDB Entry
- kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101nvdVendor Advisory
- psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010nvdThird Party Advisory
- www.kb.cert.org/vuls/id/927237nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.