9.8
CVE-2020-8239
- EPSS 0.39%
- Published 28.10.2020 13:15:12
- Last modified 21.11.2024 05:38:34
- Source support@hackerone.com
- Teams watchlist Login
- Open Login
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC.
Data is provided by the National Vulnerability Database (NVD)
Pulsesecure ≫ Pulse Secure Desktop Client SwPlatformlinux Version < 9.1
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater2 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater3 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater3.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4.2 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater5 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater6 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater7 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater7.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater8 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater8.2 SwPlatformlinux
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.572 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|