Pulse One On-Premise software version 2.0.1808 and 2.0.1820 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open.

A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0, could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster.

2014-10 Out of Cycle Security Bulletin: Multiple products affected by SSL "POODLE" vulnerability (CVE-2014-3566)

On September 22, 2016 the OpenSSL project announced a group of new security advisories. These issues affect all supported versions of Pulse Secure products. The OpenSSL advisory can be found at the following link: https://www.openssl.org/news/changelog.ht...

Pulse One On-Premise software version 2.0.1808 and 2.0.1820 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open.

A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0, could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster.