| Product | CVSS Score / Exploitability if Applicable | Impact | Fix |
| Pulse Secure Virtual Traffic Manager | | Under Investigation | |
| Pulse Secure Services Director | | Under Investigation | |
| Pulse Secure Web Application Firewall | | Under Investigation | |
| Pulse Connect Secure | CVSS Score 7.5
CVSS3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
For this to be successfully exploited on the PCS Server, an authenticated user session between Client and Server is required. This makes the attack vector highly complex and exploitability factor medium to low. | Affected | 9.1R15 (Tentative for April, 2022) |
| Ivanti Connect Secure (ICS) | CVSS Score 7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
For this to be successfully exploited on the PCS Server, an authenticated user session between Client and Server is required. This makes the attack vector highly complex and exploitability factor medium to low. | Affected | 22.3 (Tentative for April, 2022) |
| Pulse Policy Secure | N/A | Not Affected | |
| Pulse Desktop Client | CVSS Score 7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
For the exploit to succeed on the endpoint target, it requires an authenticated user session between Client and Server and the Server to be in compromised state. This makes the attack vector highly complex and exploitability factor medium to low. | Affected | Pulse 9.1R15 (Tentative for April, 2022) |
| Pulse Mobile Client | N/A | Not Affected | |
| Pulse One | N/A | Not Affected | |
| Ivanti Neurons for ZTA | N/A | Not Affected | |
| Ivanti Neurons for secure Access | N/A | Not Affected | |
