Pulse Connect Secure@* Security Vulnerabilities and Issues — Pulse Connect Secure@* CVE List

Lucene search

PulsesecurePulse Connect Secure*

22 matches found

CVE•added 2020/10/28 1:15 p.m.•1109 views

CVE-2020-8260

A vulnerability in the Pulse Connect Secure

7.2CVSS8.2AI score0.67944EPSS

CVE•added 2020/07/30 1:15 p.m.•1023 views

CVE-2020-8218

A code injection vulnerability exists in Pulse Connect Secure

7.2CVSS7.3AI score0.91071EPSS

CVE•added 2020/07/28 3:15 p.m.•123 views

CVE-2020-15408

An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite.

5.8CVSS4.8AI score0.00328EPSS

CVE•added 2020/04/06 9:15 p.m.•75 views

CVE-2020-11582

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HT...

8.8CVSS7.9AI score0.39323EPSS

CVE•added 2020/07/27 11:15 p.m.•73 views

CVE-2020-12880

An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available an...

5.5CVSS5.5AI score0.00079EPSS

CVE•added 2020/04/06 9:15 p.m.•68 views

CVE-2020-11580

9.1CVSS9.1AI score0.00248EPSS

CVE•added 2020/04/06 9:15 p.m.•66 views

CVE-2020-11581

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via she...

9.3CVSS8.5AI score0.39323EPSS

CVE•added 2020/10/28 1:15 p.m.•66 views

CVE-2020-8261

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure

4.3CVSS4.8AI score0.00613EPSS

CVE•added 2020/09/30 6:15 p.m.•65 views

CVE-2020-8256

A vulnerability in the Pulse Connect Secure

4.9CVSS5.2AI score0.02706EPSS

CVE•added 2020/09/30 6:15 p.m.•55 views

CVE-2020-8238

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure

6.1CVSS5.8AI score0.00172EPSS

CVE•added 2020/10/28 1:15 p.m.•54 views

CVE-2020-8255

A vulnerability in the Pulse Connect Secure

4.9CVSS4.9AI score0.15053EPSS

CVE•added 2020/10/27 5:15 a.m.•53 views

CVE-2020-15352

An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.

7.2CVSS6.6AI score0.06555EPSS

CVE•added 2020/10/28 1:15 p.m.•53 views

CVE-2020-8262

A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.

6.1CVSS5.8AI score0.00144EPSS

CVE•added 2020/07/30 1:15 p.m.•51 views

CVE-2020-8206

An improper authentication vulnerability exists in Pulse Connect Secure

8.1CVSS8AI score0.0152EPSS

CVE•added 2020/07/30 1:15 p.m.•51 views

CVE-2020-8221

A path traversal vulnerability exists in Pulse Connect Secure

4.9CVSS4.9AI score0.02858EPSS

CVE•added 2020/07/30 1:15 p.m.•47 views

CVE-2020-8217

A cross site scripting (XSS) vulnerability in Pulse Connect Secure