CVE-2020-8956
First published: Tue Oct 27 2020(Updated: )
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pulsesecure Pulse Secure Desktop | =9.0r1.0 | |
| Pulsesecure Pulse Secure Desktop | =9.0r2.0 | |
| Pulsesecure Pulse Secure Desktop | =9.0r2.1 | |
| Pulsesecure Pulse Secure Desktop | =9.0r3.0 | |
| Pulsesecure Pulse Secure Desktop | =9.0r3.1 | |
| Pulsesecure Pulse Secure Desktop | =9.0r4.0 | |
| Pulsesecure Pulse Secure Desktop | =9.0r4.1 | |
| Pulsesecure Pulse Secure Desktop | =9.1r1.0 | |
| Pulsesecure Pulse Secure Desktop | =9.1r2.0 | |
| Pulsesecure Pulse Secure Desktop | =9.1r3.0 | |
| Pulsesecure Pulse Secure Desktop | =9.1r3.1 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-8956?
The severity of CVE-2020-8956 is low.
What is affected by CVE-2020-8956?
Pulse Secure Desktop Client versions 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows are affected by CVE-2020-8956.
How does CVE-2020-8956 expose users' passwords?
CVE-2020-8956 exposes users' passwords if the Save Settings feature is enabled in Pulse Secure Desktop Client versions 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows.
How can I fix CVE-2020-8956?
To fix CVE-2020-8956, users should update Pulse Secure Desktop Client to version 9.0R5 or 9.1R4 or higher on Windows and disable the Save Settings feature.
Where can I find more information about CVE-2020-8956?
More information about CVE-2020-8956 can be found in the Pulse Secure KB article: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/pulsesecure
- canonical/pulsesecure pulse secure desktop
- version/pulsesecure pulse secure desktop/9.0r1.0
- version/pulsesecure pulse secure desktop/9.0r2.0
- version/pulsesecure pulse secure desktop/9.0r2.1
- version/pulsesecure pulse secure desktop/9.0r3.0
- version/pulsesecure pulse secure desktop/9.0r3.1
- version/pulsesecure pulse secure desktop/9.0r4.0
- version/pulsesecure pulse secure desktop/9.0r4.1
- version/pulsesecure pulse secure desktop/9.1r1.0
- version/pulsesecure pulse secure desktop/9.1r2.0
- version/pulsesecure pulse secure desktop/9.1r3.0
- version/pulsesecure pulse secure desktop/9.1r3.1
- vendor/microsoft
- canonical/microsoft windows