Published: 28/10/2020 Updated: 17/08/2021

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 455

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the malicious user to perform a MITM Attack if end users are convinced to connect to a malicious server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pulsesecure pulse secure desktop client
pulsesecure pulse secure desktop client 9.1

Pulse Secure VPN mitm Research - CVE-2020-8241, CVE-2020-8239

pulse-secure-vpn-mitm-research Pulse Secure mitm research Release date Joint release date with vendor: 26 Oct 2020 Author David Kierznowski, @withdk Credits Sahil Mahajan from the Pulse Secure PSIRT Team for support throughout the disclosure process Alyssa Herrera, Justin Wagner, and Mimir, and Rich Warren for their write-up, "Red Teamer’s Guide to Pulse Secure SSL

Pulse Secure VPN mitm Research - CVE-2020-8241, CVE-2020-8239

pulse-secure-vpn-mitm-research Pulse Secure mitm research Release date Joint release date with vendor: 26 Oct 2020 Author David Kierznowski, @withdk Credits Sahil Mahajan from the Pulse Secure PSIRT Team for support throughout the disclosure process Alyssa Herrera, Justin Wagner, and Mimir, and Rich Warren for their write-up, "Red Teamer’s Guide to Pulse Secure SSL

NVD-CWE-noinfo https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 https://nvd.nist.gov https://github.com/withdk/pulse-secure-vpn-mitm-research

CVE-2020-8241

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect