Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Pulsesecure Subscribe
Filtered by product Pulse Policy Secure

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11580 4 Apple, Linux, Oracle and 1 more 5 Macos, Linux Kernel, Solaris and 2 more 2021-09-16 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.
CVE-2018-5299 1 Pulsesecure 2 Pulse Connect Secure, Pulse Policy Secure 2020-08-24 7.5 HIGH 9.8 CRITICAL
A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution.
CVE-2019-11540 1 Pulsesecure 2 Pulse Connect Secure, Pulse Policy Secure 2020-08-24 7.5 HIGH 9.8 CRITICAL
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.
CVE-2018-6320 1 Pulsesecure 2 Pulse Connect Secure, Pulse Policy Secure 2020-04-29 7.5 HIGH 9.8 CRITICAL
A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an http(s) Host header received from the browser is trusted without validation.
CVE-2018-20810 1 Pulsesecure 2 Pulse Connect Secure, Pulse Policy Secure 2019-07-03 7.5 HIGH 9.8 CRITICAL
Session data between cluster nodes during cluster synchronization is not properly encrypted in Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX, PPS 5.2RX, or stand-alone devices.