Pulse.Secure.SSL.VPN.Authenticated.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Command Injection vulnerability in Pulse Connect Secure.
The vulnerability is due to insufficient sanitizing of user supplied inputs. An authenticated remote attacker may be able to exploit this to execute arbitrary commands within the context of the application, via a crafted HTTP request.

affected-products-logoAffected Products

Pulse Connect Secure 9.0RX before 9.0R3.4
Pulse Connect Secure 8.3RX before 8.3R7.1
Pulse Connect Secure 8.2RX before 8.2R12.1
Pulse Connect Secure 8.1RX before 8.1R15.1
Pulse Policy Secure 9.0RX before 9.0R3.2
Pulse Policy Secure 5.4RX before 5.4R7.1
Pulse Policy Secure 5.3RX before 5.3R12.1
Pulse Policy Secure 5.2RX before 5.2R12.1
Pulse Policy Secure 5.1RX before 5.1R15.1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's advisory for updates:
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-11-24 18.202 Sig Added
2019-09-25 14.694 Default_action:pass:drop
2019-09-11 14.685