Skip to main content

Pulse Secure Desktop

3 CVEs product

Monthly

CVE-2020-8956 LOW POC Monitor

Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ivanti Microsoft Brute Force Pulse Secure Desktop
NVD GitHub
CVSS 3.1
3.3
EPSS
1.2%
CVE-2018-7572 MEDIUM This Month

Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Ivanti Pulse Secure Desktop
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2016-2408 HIGH This Week

Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ivanti Microsoft Odyssey Access Client Pulse Secure Desktop +2
NVD
CVSS 3.0
7.8
EPSS
0.1%
EPSS 1% CVSS 3.3
LOW POC Monitor

Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ivanti Microsoft +2
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

Pulse Secure Client 9.0R1 and 5.3RX before 5.3R5, when configured to authenticate VPN users during Windows Logon, can allow attackers to bypass Windows authentication and execute commands on the. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Ivanti +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ivanti Microsoft +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy