Pulse Secure will apply fixes for product security vulnerabilities to all software releases which have not exceeded the End of Engineering (EOE) or End of Life (EOL) milestones. For more information applicable software release and milestones, please refer to the "Software" section on the EOL policy
- End of Engineering - Pulse Secure will no longer perform any updates, patches, hotfixes, or security patches for the appliance.
- End of Life - Last date to receive contracted service for the product
As of September 2019, the following software releases will continue to receive security vulnerability patches:
- 8.1RX (Only for SA4500 and SA6500FIPS device) until February 2020
- 8.3RX (Only for MAG appliances) Pulse Secure will continue to provide customer support until December 2021, however, no bug fixes, feature enhancements or other Engineering support will be provided other than highly critical security fixes on a best effort basis.
- As of August 17th 2021 there are no planned security fixes for 8.3RX. We want to help you upgrade both your software and appliance to fully protect your organization before the EOS date at the end of this year. Please contact your Account Executive to discuss options.
- 9.0RX (PSA devices) until October 2019
All security vulnerabilities are evaluated based on the Common Vulnerability Scoring System (CVSS) Version 3.0 specification. If the CVSS Base score is 3 or higher, the fix will be applied to all software releases that have not exceeded the End of Engineering (EOE) milestone.
For legacy customers (running SA / IC / MAG):
Pulse Secure will continue to provide fixes for product security vulnerabilities until the hardware exceeds the End of Life (EOL) milestone. For more information, please refer to the "Appliance" section of the EOL policy
All aspects of this process are subject to change without notice and on a case-by-case basis.Document history:
August 30th 2020 - Original draft published
August 17th 2020 - Update regarding planned security fixes for 8.3Rx (MAG Devices)