A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0, could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster.

Pulse One On-Premise software version 2.0.1808 and 2.0.1820 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open.

2014-10 Out of Cycle Security Bulletin: Multiple products affected by SSL "POODLE" vulnerability (CVE-2014-3566)

Pulse One On-Premise software version 2.0.1808 and 2.0.1820 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open.

A CSRF vulnerability in Brocade Virtual Traffic Manager versions released prior to and including 11.0, could allow an attacker to trick a logged-in user into making administrative changes on the traffic manager cluster.