3.8
CVE-2020-8956
- EPSS 9.24%
- Veröffentlicht 27.10.2020 05:15:13
- Zuletzt bearbeitet 21.11.2024 05:39:44
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pulsesecure ≫ Pulse Secure Desktop Version9.0r1.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r2.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r2.1
Pulsesecure ≫ Pulse Secure Desktop Version9.0r3.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r3.1
Pulsesecure ≫ Pulse Secure Desktop Version9.0r4.0
Pulsesecure ≫ Pulse Secure Desktop Version9.0r4.1
Pulsesecure ≫ Pulse Secure Desktop Version9.1r1.0
Pulsesecure ≫ Pulse Secure Desktop Version9.1r2.0
Pulsesecure ≫ Pulse Secure Desktop Version9.1r3.0
Pulsesecure ≫ Pulse Secure Desktop Version9.1r3.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.24% | 0.924 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
| cve@mitre.org | 3.8 | 2 | 1.4 |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.