Home

CVE-2020-15408

Description

An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite.

Risk Information

Base Score
4.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.328

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2020-13162,CVE-2020-15408 are affected in Pulse secure for windows 9.1.r1.0Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408 are affected in Pulse secure for windows 9.1.r2.0Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408 are affected in Pulse secure for windows 9.1.r3.0Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408,CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r3.1Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408 are affected in Pulse secure for windows 9.1.r4.0Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408,CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r4.1Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408,CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r4.2Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408 are affected in Pulse secure for windows 9.1.r5.0Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408 are affected in Pulse secure for windows 9.1.r6.0Windows
Vulnerabilities CVE-2020-13162,CVE-2020-15408 are affected in Pulse secure for windows 9.1.r7.0Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234