Vulnerabilities > Pulsesecure > Pulse Secure Desktop Client > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-28	CVE-2020-8239	Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client 9.1 A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. network low complexity pulsesecure	7.5
2020-06-16	CVE-2020-13162	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Pulsesecure products A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges. local high complexity pulsesecure CWE-367	7.0
2019-04-12	CVE-2019-11213	Session Fixation vulnerability in multiple products In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. network high complexity pulsesecure ivanti CWE-384	8.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.