9.8
CVE-2020-8239
- EPSS 0.39%
- Veröffentlicht 28.10.2020 13:15:12
- Zuletzt bearbeitet 21.11.2024 05:38:34
- Quelle support@hackerone.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pulsesecure ≫ Pulse Secure Desktop Client SwPlatformlinux Version < 9.1
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater2 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater3 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater3.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4.2 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater5 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater6 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater7 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater7.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater8 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater8.2 SwPlatformlinux
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.572 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|