Exposures › CVE-2020-8260

CVE-2020-8260

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.

Players implicated

Description

Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.

Affected FedRAMP products 2 in the catalog

ProductProviderStatusMatch
Ivanti Neurons for ITSM (Formerly Service Manager) Ivanti Authorized vendor-exact · 0.90
Ivanti Neurons for MDM (Formerly MobileIron) Ivanti Authorized vendor-exact · 0.90