CPE Details
Pulsesecure Pulse Secure Desktop Client 9.1 R4.1 for Windows
9.1
2020-07-17
09h52 +00:00
09h52 +00:00
2020-07-17
09h52 +00:00
09h52 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r4.1:*:*:*:windows:*:*
Informations
Vendor
pulsesecureProduct
pulse_secure_desktop_clientVersion
9.1Update
r4.1Target Software
windowsRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Secure, see below recommendation(s):Disable Dynamic certificate trust for PDC. | 8.8 |
High |
||
| A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the Credential Provider. | 7.8 |
High |
||
| An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite. | 4.6 |
Medium |
||
| A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges. | 7 |
High |
2025©
tesweb SA
