OR
     *cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:* versions from (including) 9.0r1 from (excluding) 9.0r3

OR
     *cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:* versions from (including) 9.0r1 from (excluding) 9.0r3

OR
     *cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:* versions from (including) 8.3r1 from (excluding) 8.3r7

OR
     *cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:* versions from (including) 8.3r1 from (excluding) 8.3r7

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114 No Types Assigned

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114 Vendor Advisory

https://www.kb.cert.org/vuls/id/192371 No Types Assigned

https://www.kb.cert.org/vuls/id/192371 Third Party Advisory, US Government Resource

https://www.kb.cert.org/vuls/id/192371 [No Types Assigned]

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114 [No Types Assigned]

OR
     *cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:* versions from (including) 8.1r1.0 up to (including) 8.1r14.0
     *cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:* versions from (including) 8.3r1 up to (excluding) 8.3r7
     *cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:* versions from (including) 9.0r1 up to (excluding) 9.0r3
     *cpe:2.3:a:pulsesecure:pulse_secure_desktop_client:*:*:*:*:*:*:*:* versions from (including) 5.0r1.0 up to (excluding) 5.3r7

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-384

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/ No Types Assigned

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114/ Vendor Advisory

In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2013-6024. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 be

In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for exploitation to succeed.) This affects Pulse Desktop Client 5.x before Secure Desktop 5.3R7 and Pulse Desktop Client 9.x before Secure Desktop 9.0R3. It also affects (for Network Connect customers) Pulse Connect Secure 8.1 be