GCVE - cpe:2.3:a:n/a:pulse_connect_secure_/_pulse_policy

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:pulse_connect_secure_/_pulse_policy_secure:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Pulse Connect Secure / Pulse Policy Secure (`06590cdb-6b69-5b92-9bd2-8659aa9e7a09`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-8263`	vulnerable	2026-06-08 05:27:15.456099	Details available A vulnerability in the authenticated user web interface of Pulse Connect Secure < 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) through the CGI file. Published: 2020-10-28T12:48:17.000Z Updated: 2024-08-04T09:56:27.966Z Open on db.gcve.eu Reference links https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8262`	vulnerable	2026-06-08 05:27:15.454584	Details available A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface. Published: 2020-10-28T12:47:55.000Z Updated: 2024-08-04T09:56:28.075Z Open on db.gcve.eu Reference links https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8261`	vulnerable	2026-06-08 05:27:15.453380	Details available A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection. Published: 2020-10-28T12:47:36.000Z Updated: 2024-08-04T09:56:28.147Z Open on db.gcve.eu Reference links https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8260`	vulnerable	2026-06-08 05:27:15.439433	Details available A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction. Published: 2020-10-28T12:47:13.000Z Updated: 2025-10-21T23:35:34.332Z Open on db.gcve.eu Reference links https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 http://packetstormsecurity.com/files/160619/Pulse-Secure-VPN-Remote-Code-Execution.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8255`	vulnerable	2026-06-08 05:27:15.431737	Details available A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary file reading vulnerability is fixed using encrypted URL blacklisting that prevents these messages. Published: 2020-10-28T12:46:59.000Z Updated: 2024-08-04T09:56:28.181Z Open on db.gcve.eu Reference links https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Pulse Connect Secure / Pulse Policy Secure

PURL mappings

Vulnerability references

Contribute