First published: Thu Nov 29 2018(Updated: )
Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Pulsesecure Pulse Secure Desktop Client | =5.3r1 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r1.1 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r2 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r3 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r4 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r4.1 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r4.2 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r5 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r5.2 | |
Pulsesecure Pulse Secure Desktop Client | =5.3r6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-11002 is a vulnerability in the Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows that has insecure permissions.
The Pulse Secure Desktop Client versions 5.3r1 through 5.3r6 on Windows are affected by CVE-2018-11002.
CVE-2018-11002 has a severity rating of medium (5.5).
To mitigate CVE-2018-11002, ensure that appropriate permissions are set for the Pulse Secure Desktop Client on Windows.
You can find more information about CVE-2018-11002 at the following references: [http://www.securityfocus.com/bid/106054](http://www.securityfocus.com/bid/106054) and [https://www.themissinglink.com.au/security-advisories-cve-2017-16878-0](https://www.themissinglink.com.au/security-advisories-cve-2017-16878-0).