In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Authentication Bypass
Ivanti
Session Fixation
Connect Secure
Pulse Connect Secure
+1
NVD
CVSS 3.0
8.1
EPSS
2.8%