CVE-2020-8250

Опубликовано: 28 окт. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.

Ссылки

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
Vendor Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:*:*:*:*:*:linux:*:*

Версия до 9.1 (исключая)

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:-:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r1:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r2:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r3:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r3.1:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r4:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r4.1:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r4.2:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r5:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r6:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r7:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r7.1:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r8:*:*:*:linux:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:9.1:r8.2:*:*:*:linux:*:*

EPSS

Процентиль: 57%

0.0035

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-w2pq-cm6g-6wj7

github

больше 3 лет назад