Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pulsesecure pulse connect secure vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-8238
A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow malicious users to conduct Cross-Site Scripting (XSS).
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
Ivanti Connect Secure 9.1
2.1
CVSSv2
CVE-2020-12880
An issue exists in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance prior to 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is...
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
4
CVSSv2
CVE-2020-8221
A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated malicious user to read arbitrary files via the administrator web interface.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
1 Article
4
CVSSv2
CVE-2020-8222
A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
6.5
CVSSv2
CVE-2020-8243
A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated malicious user to upload custom template to perform an arbitrary code execution.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
Ivanti Connect Secure 9.1
1 Article
4.3
CVSSv2
CVE-2020-8261
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
Ivanti Connect Secure 9.1
4.3
CVSSv2
CVE-2020-8262
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow malicious users to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.
Pulsesecure Pulse Connect Secure
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
Ivanti Connect Secure 9.1
4
CVSSv2
CVE-2020-8216
An information disclosure vulnerability in meeting of Pulse Connect Secure <9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
6.5
CVSSv2
CVE-2020-8218
A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an malicious user to crafted a URI to perform an arbitrary code execution via the admin web interface.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
1 Github repository
1 Article
4.3
CVSSv2
CVE-2020-8204
A cross site scripting (XSS) vulnerability exists in Pulse Connect Secure <9.1R5 on the PSAL Page.
Pulsesecure Pulse Connect Secure
Ivanti Connect Secure 9.1
Pulsesecure Pulse Policy Secure
Ivanti Policy Secure 9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »