PT-2018-13456 · Pulse Secure · Pulse Desktop Client

Publicado

2018-09-06

Atualizado

2019-10-03

CVE-2018-16261

CVSS v3.1

6.8

Média

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Pulse Secure Pulse Desktop Client versions 5.3RX before 5.3R5 Pulse Secure Pulse Desktop Client version 9.0R1

Description The issue is related to a Privilege Escalation Vulnerability with Dynamic Certificate Trust.

Recommendations For Pulse Secure Pulse Desktop Client versions 5.3RX before 5.3R5, update to version 5.3R5 or later. For Pulse Secure Pulse Desktop Client version 9.0R1, update to a newer version that contains a fix for this issue.

Correção

Improper Certificate Validation

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-295

Identificadores relacionados

CVE-2018-16261

Produtos afetados

Pulse Desktop Client

PT-2018-13456 · Pulse Secure · Pulse Desktop Client

CVE-2018-16261

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3