4.9
CVE-2020-8255
- EPSS 15.05%
- Veröffentlicht 28.10.2020 13:15:12
- Zuletzt bearbeitet 21.11.2024 05:38:36
- Quelle support@hackerone.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary file reading vulnerability is fixed using encrypted URL blacklisting that prevents these messages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pulsesecure ≫ Pulse Secure Desktop Client SwPlatformlinux Version < 9.1
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Update- SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater2 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater3 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater3.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater4.2 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater5 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater6 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater7 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater7.1 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater8 SwPlatformlinux
Pulsesecure ≫ Pulse Secure Desktop Client Version9.1 Updater8.2 SwPlatformlinux
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 15.05% | 0.943 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 4.9 | 1.2 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.