Share:

CVE-2020-8206 - Pulsesecure Pulse Policy Secure and Pulsesecure Pulse Connect Secure

July 30, 2020

Critical 9.8

An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.

Affected software

Pulsesecure Pulse Policy Secure

Pulsesecure Pulse Connect Secure

Reference links

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.