CVE-2016-2408
published 2016-08-02CVE-2016-2408: Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via…
PriorityP336high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EPSS
0.39%
30.5th percentile
Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors.
Affected
137 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pulsesecure | odyssey_access_client | <= 5.6r16.0 | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
| pulsesecure | pulse_secure_desktop | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6rj8-3725-h29x: Pulse Secure Desktop before 5
ghsa_unreviewed·2022-05-13
CVE-2016-2408 [HIGH] GHSA-6rj8-3725-h29x: Pulse Secure Desktop before 5
Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors.
Ivanti
Ivanti Security Advisory: CVE-2016-2408
vendor_ivanti·2016-08-02·CVSS 7.8
CVE-2016-2408 [HIGH] CWE-264 Ivanti Security Advisory: CVE-2016-2408
Ivanti Security Advisory: CVE-2016-2408
Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors.
CVE IDs: CVE-2016-2408
CVSS Base Score: 7.8
Severity: HIGH
CWEs: CWE-264
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/92692http://www.securitytracker.com/id/1036474https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40241https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40241/http://www.securityfocus.com/bid/92692http://www.securitytracker.com/id/1036474https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40241https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40241/
2016-08-02
Published