CVE-2020-8241

A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
hackeroneCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
pulsesecurepulse_secure_desktop_client
𝑥
< 9.1
pulsesecurepulse_secure_desktop_client
9.1:r1
pulsesecurepulse_secure_desktop_client
9.1:r2
pulsesecurepulse_secure_desktop_client
9.1:r3
pulsesecurepulse_secure_desktop_client
9.1:r3.1
pulsesecurepulse_secure_desktop_client
9.1:r4
pulsesecurepulse_secure_desktop_client
9.1:r4.1
pulsesecurepulse_secure_desktop_client
9.1:r4.2
pulsesecurepulse_secure_desktop_client
9.1:r5
pulsesecurepulse_secure_desktop_client
9.1:r6
pulsesecurepulse_secure_desktop_client
9.1:r7
pulsesecurepulse_secure_desktop_client
9.1:r7.1
pulsesecurepulse_secure_desktop_client
9.1:r8
pulsesecurepulse_secure_desktop_client
9.1:r8.2
𝑥
= Vulnerable software versions
References
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601