CVE-2020-8956

Опубликовано: 27 окт. 2020

Источник: nvd

CVSS3: 3.8

CVSS3: 3.3

CVSS2: 1.9

EPSS Низкий

Описание

Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.

Ссылки

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
Vendor Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.0r1.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.0r2.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.0r2.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.0r3.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.0r3.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.0r4.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.0r4.1:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.1r1.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.1r2.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.1r3.0:*:*:*:*:*:*:*

cpe:2.3:a:pulsesecure:pulse_secure_desktop:9.1r3.1:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.09237

Низкий

3.8 Low

CVSS3

3.3 Low

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-521

Связанные уязвимости

GHSA-rw4x-mrcc-6rwp

github

больше 3 лет назад

Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.

EPSS

Процентиль: 93%

0.09237

Низкий

3.8 Low

CVSS3

3.3 Low

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-521