CVE-2018-20812

N/A

Description

An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints.

CVE Details

CVSS v3.1 ScoreN/A

Published6/28/2019

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

pulsesecure:pulse_secure_desktop_client

Weaknesses (CWE)

CWE-200

References

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/(cve@mitre.org)

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.