Vulnerability CVE-2018-11002
Published: 2018-11-29

Description:
Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions.

Type:

CWE-427

 (Uncontrolled Search Path Element)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
4.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Partial
Affected software
Pulsesecure -> Pulse secure desktop client 

 References:
http://www.securityfocus.com/bid/106054
https://www.themissinglink.com.au/security-advisories-cve-2017-16878-0
Copyright 2024, cxsecurity.com

 

Back to Top