A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Secure, see below recommendation(s):Disable Dynamic certificate trust for PDC.
2020-10-28T13:15:12.747
2024-11-21T05:38:35.900
Modified
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | pulsesecure | pulse_secure_desktop_client | < 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |
| Application | pulsesecure | pulse_secure_desktop_client | 9.1 | Yes |