3 matches found
CVE-2018-7572
Affected software: Pulse Secure Client (versions 9.0R1 and 5.3RX prior to 5.3R5). The issue: when configured to authenticate VPN users during Windows Logon, the client can bypass Windows authentication and execute commands with the client’s privileges. Conditions: attacker must interrupt the clie...
CVE-2020-8956
Summary (CVE-2020-8956): Pulse Secure Desktop Client on Windows (9.0Rx before 9.0R5 and 9.1Rx before 9.1R4; affected root cause) exposes saved passwords when the client’s Save Settings option is enabled. The issue is an information-disclosure vulnerability affecting Windows PDC. Fixed versions in...
CVE-2016-2408
CVE-2016-2408 is a client‑side elevation of privilege in Pulse Secure components on Windows. Concrete details from connected docs show exploitable to restricted users via the Pulse Secure Desktop Client and the Standalone Installer Service, with affected versions including: Pulse Secure Desktop C...