CVE-2020-11581 is a vulnerability in Pulse Secure Pulse Policy Secure
Published on April 6, 2020

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used.

NVD

Products Associated with CVE-2020-11581

Want to know whenever a new CVE is published for Pulse Secure Pulse Policy Secure? stack.watch will email you.

Pulse Secure Pulse Policy Secure

Exploit Probability

EPSS

39.32%

Percentile

97.22%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-11581 is a vulnerability in Pulse Secure Pulse Policy SecurePublished on April 6, 2020

Products Associated with CVE-2020-11581

Exploit Probability

CVE-2020-11581 is a vulnerability in Pulse Secure Pulse Policy Secure
Published on April 6, 2020