exploitDog

GHSA-jc87-47xg-wmhr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7

Описание

A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.

A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.

Ссылки

EPSS

Процентиль: 57%

0.00347

Низкий

7 High

CVSS3

CVE ID

Дефекты

CWE-367

Связанные уязвимости

CVE-2020-13162

CVSS3: 7

nvd

больше 5 лет назад

A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges.

BDU:2021-02075

CVSS3: 7

fstec

больше 5 лет назад

Уязвимость исполняемого файла PulseSecureService.exe корпоративного SSL на основе VPN Pulse Secure Desktop Client, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 57%

0.00347

Низкий

7 High

CVSS3

CVE ID

Дефекты

CWE-367