← back
CVE-2020-8256

CVE-2020-8256

EPSS 3.4%CWE-611
A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability.
Affected products
n/a · Pulse Connect Secure

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44588https://www.gosecure.net/blog/2020/11/13/forget-your-perimeter-part-2-four-vulnerabilities-in-pulse-connect-secure/