Pulse.Secure.SSL.VPN.HTML5.Information.Disclosure

description-logoDescription

This indicates an attack attempt to exploit an Information Disclosure Vulnerability in Pulse Connect Secure.
The vulnerability is due to an error in the vulnerable application when handling a malicious request. An unauthenticated attacker can exploit this to access sensitive information on the affected machine via a crafted request.

affected-products-logoAffected Products

Pulse Connect Secure 8.1R15.1
Pulse Connect Secure 8.2 before 8.2R12.1
Pulse Connect Secure 8.3 before 8.3R7.1
Pulse Connect Secure 9.0 before 9.0R3.4

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's advisory for updates: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101

Version Updates

Date Version Detail
2022-10-31 0.00333

CVE References

CVE-2019-11510