In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker can upload a malicious file to write to arbitrary files, because of Insecure Permissions.

Related CVEs

CVE-2019-11510

Key Information

GHSA ID

GHSA-6wr2-qx99-98mg

Published

May 24, 2022 4:45 PM

Last Modified

February 27, 2024 9:31 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 29, 2025 6:31 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.