Pulse Secure recommends that each customer review their currently deployed software and upgrade if required.
Pulse Secure has resolved this issue in the following releases and later:
2.1R4 and higher
2.2RX
This vulnerability is not present in any 2.x or older versions of PPS OS.
Pulse Secure will be removing software from the
Pulse Secure Portal which does not have the fix for Security Advisory
JSA10380. This will minimize the risk to customers inadvertently deploying software which they would have otherwise believed to be "fixed." This removal will be effective immediately for the following releases of PPS OS:
2.1R3 Software ONLY
2.1R2 Software ONLY
2.1R1.1 Software ONLY
Please upgrade to a validated fixed version if you have deployed any of these images.