Pulsesecure

Pulse Policy Secure

31 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2020-8216

  • EPSS 2.17%
  • Published 30.07.2020 13:15:11
  • Last modified 21.11.2024 05:38:31

An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID.

8.1

CVE-2020-8206

  • EPSS 1.52%
  • Published 30.07.2020 13:15:11
  • Last modified 21.11.2024 05:38:30

An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.

6.1

CVE-2020-8204

  • EPSS 0.17%
  • Published 30.07.2020 13:15:11
  • Last modified 21.11.2024 05:38:29

A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page.

5.5

CVE-2020-12880

  • EPSS 0.08%
  • Published 27.07.2020 23:15:12
  • Last modified 21.11.2024 05:00:28

An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the en...

9.3

CVE-2020-11581

Exploit
  • EPSS 39.32%
  • Published 06.04.2020 21:15:13
  • Last modified 21.11.2024 04:58:10

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS com...

8.8

CVE-2020-11582

Exploit
  • EPSS 0.14%
  • Published 06.04.2020 21:15:13
  • Last modified 21.11.2024 04:58:10

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections ...

9.1

CVE-2020-11580

Exploit
  • EPSS 0.25%
  • Published 06.04.2020 21:15:13
  • Last modified 21.11.2024 04:58:10

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.

6.1

CVE-2018-20814

  • EPSS 0.11%
  • Published 28.06.2019 18:15:11
  • Last modified 21.11.2024 04:02:14

An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX or PPS 5.2RX.

9.8

CVE-2018-20810

  • EPSS 1.54%
  • Published 28.06.2019 18:15:11
  • Last modified 21.11.2024 04:02:13

Session data between cluster nodes during cluster synchronization is not properly encrypted in Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX, PPS 5.2RX...

7.5

CVE-2018-20809

  • EPSS 3.31%
  • Published 28.06.2019 18:15:11
  • Last modified 21.11.2024 04:02:13

A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. This is not applicable to PCS 8.1RX.