CVE-2019-11539
Ivanti / Pulse Connect Secure and Pulse Policy Secure
Ransomware campaign
Added 2021-11-03
Due 2022-05-03
Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.
Required action
Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-11539
Metadata
| Added to KEV | 2021-11-03 |
| Remediation due | 2022-05-03 |
| Ransomware use | Known |
| CWEs | CWE-78 |
| Ingested | 2026-04-24 15:03:13 |
Cross-mesh regulatory overlay
If you're breached via this CVE, what disclosure laws and cyber regs fire? Asks LexiWorld and RegulatoryRadar via signed mesh.