This indicates an attack attempt against a Remote Code Execution vulnerability in Pulse Connect Secure VPN.
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP request. An authenticated attacker could exploit this to execute arbitrary code in the context of the vulnerable application.
Pulse Connect Secure (PCS) 9.1Rx or prior
Pulse Policy Secure (PPS) 9.1Rx or piror
Pulse Secure Desktop Client (PDC) 9.1Rx or prior
Pulse Connect Secure (PCS) before version 9.1R12
System Compromise: Remote attackers can gain control of vulnerable systems.
Apply the most recent upgrade or patch from the vendor.
For CVE-2020-8260: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
For CVE-2021-22937: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858