CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8243

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.245

EPSS Ranking 95.8%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

Proposed Action

Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.

Ransomware Campaign

Unknown

References

Products affected by CVE-2020-8243

Ivanti » Connect Secure » Version: N/A

cpe:2.3:a:ivanti:connect_secure:-
Ivanti » Connect Secure » Version: 7.1

cpe:2.3:a:ivanti:connect_secure:7.1
Ivanti » Connect Secure » Version: 7.4

cpe:2.3:a:ivanti:connect_secure:7.4
Ivanti » Connect Secure » Version: 8.0

cpe:2.3:a:ivanti:connect_secure:8.0
Ivanti » Connect Secure » Version: 8.1

cpe:2.3:a:ivanti:connect_secure:8.1
Ivanti » Connect Secure » Version: 8.2

cpe:2.3:a:ivanti:connect_secure:8.2
Ivanti » Connect Secure » Version: 8.3

cpe:2.3:a:ivanti:connect_secure:8.3
Ivanti » Connect Secure » Version: 9.0

cpe:2.3:a:ivanti:connect_secure:9.0
Ivanti » Connect Secure » Version: 9.1

cpe:2.3:a:ivanti:connect_secure:9.1
Ivanti » Policy Secure » Version: N/A

cpe:2.3:a:ivanti:policy_secure:-
Ivanti » Policy Secure » Version: 9.0

cpe:2.3:a:ivanti:policy_secure:9.0
Ivanti » Policy Secure » Version: 9.1

cpe:2.3:a:ivanti:policy_secure:9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8243

Products

Pricing

Contact Us