CVE-2020-8248

A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
hackeroneCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
pulsesecurepulse_secure_desktop_client
𝑥
< 9.1
pulsesecurepulse_secure_desktop_client
9.1:r1
pulsesecurepulse_secure_desktop_client
9.1:r2
pulsesecurepulse_secure_desktop_client
9.1:r3
pulsesecurepulse_secure_desktop_client
9.1:r3.1
pulsesecurepulse_secure_desktop_client
9.1:r4
pulsesecurepulse_secure_desktop_client
9.1:r4.1
pulsesecurepulse_secure_desktop_client
9.1:r4.2
pulsesecurepulse_secure_desktop_client
9.1:r5
pulsesecurepulse_secure_desktop_client
9.1:r6
pulsesecurepulse_secure_desktop_client
9.1:r7
pulsesecurepulse_secure_desktop_client
9.1:r7.1
pulsesecurepulse_secure_desktop_client
9.1:r8
pulsesecurepulse_secure_desktop_client
9.1:r8.2
𝑥
= Vulnerable software versions
References
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601