Make Sure These 15 Most Exploited Vulnerabilities From 2021 Are Patched

Return To Article
Make Sure These 15 Most Exploited Vulnerabilities From 2021 Are Patched, slide 7

CVE-2019-11510

Vendor and product: Pulse Secure Pulse Connect Secure

Certain versions of Pulse Secure Pulse Connect Secure contain an arbitrary file reading bug that allows an unauthenticated remote attacker to send a specially crafted URI to perform an arbitrary file reading.

The bug is from 2019, so its appearance on this list of most commonly exploited software vulnerabilities from last year suggests that many organizations still need to patch this flaw. Pulse Secure’s advisory listed several other bugs, including authentication bypass, code execution, arbitrary file writing, session hijacking and more.

Return To Article