3.8
CVE-2020-8956
- EPSS 9.24%
- Published 27.10.2020 05:15:13
- Last modified 21.11.2024 05:39:44
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.
Data is provided by the National Vulnerability Database (NVD)
Pulsesecure ≫ Pulse Secure Desktop Version9.0r1.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r2.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r2.1
Pulsesecure ≫ Pulse Secure Desktop Version9.0r3.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r3.1
Pulsesecure ≫ Pulse Secure Desktop Version9.0r4.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r4.1
Pulsesecure ≫ Pulse Secure Desktop Version9.1r1.0
Pulsesecure ≫ Pulse Secure Desktop Version9.1r2.0
Pulsesecure ≫ Pulse Secure Desktop Version9.1r3.0
Pulsesecure ≫ Pulse Secure Desktop Version9.1r3.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.24% | 0.924 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
| cve@mitre.org | 3.8 | 2 | 1.4 |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.