CVE-2020-8206

An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.

Link	Resource
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516	Vendor Advisory

Configuration 1

cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r5:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r6:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r7:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:-:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r1:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r2:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r3:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.1:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.2:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r4.3:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r2:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r3:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r3.1:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.1:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.2:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r5:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r6:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r7:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r1:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:* cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*

---

Published : 2020-07-30 01:15

Updated : 2020-08-20 03:38

---

NVD link : CVE-2020-8206

Mitre link : CVE-2020-8206

No products.

CWE-287