CVE-2020-8243

CVE-2020-8243

Vendor N/A
Product Pulse Connect Secre
Weakness CWE-94 · Code injection
KEV Status Known Exploited
Published September 29, 2020
Last update October 21, 2025

CVSS base score

What the vulnerability does

01Description

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.

CISA mandated remediation

02CISA Required Action

Apply updates per vendor instructions.

Key dates

03Disclosure timeline

September 29, 2020 CVE published
October 21, 2025 Record updated