What the vulnerability does

01Description

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability.

Key dates

02Disclosure timeline

September 29, 2020 CVE published
November 18, 2024 Record updated