CVE-2020-8240
Description
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the Credential Provider.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.044
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-13162,CVE-2020-15408,CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r3.1 | Windows |
| Vulnerabilities CVE-2020-13162,CVE-2020-15408,CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r4.1 | Windows |
| Vulnerabilities CVE-2020-13162,CVE-2020-15408,CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r4.2 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.0 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r1 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r2 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r3 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r4 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r5 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r6 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r7 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r7.1 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r8 | Windows |
| Vulnerabilities CVE-2020-8240,CVE-2020-8254 are affected in Pulse secure for windows 9.1.r8.2 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234