Sensitive Historical Activity Information Disclosure in Pulse Secure Virtual Traffic Manager 9.9 and 10.4 versions

Sensitive Historical Activity Information Disclosure in Pulse Secure Virtual Traffic Manager 9.9 and 10.4 versions

CVE-2018-20307 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and 10.4r1 allow a remote authenticated user to obtain sensitive historical activity information by leveraging incorrect permission validation.

Learn more about our User Device Pen Test.