Share:

CVE-2020-8206

Severe 9.8

An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.

Published July 30, 2020.

Affected software

Pulsesecure Pulse Policy Secure

Pulsesecure Pulse Connect Secure

Get alerts for Pulsesecure Pulse Policy Secure

Reference links

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516