Reset Search
 

 
Article

JSA10445 - 2010-06 Security Bulletin: Pulse Connect Secure (PCS) Cross Site Scripting Issue in Windows Secure Application Manager

Printable View
« Go Back

Information

 
Product AffectedPCS500, PCS700, PCS1000, PCS2000, PCS2500, PCS3000, PCS4000, PCS4500, PCS5000, PCS6000, PCS6500, PCS3000 FIPS, PCS4000 FIPS, PCS4500 FIPS, PCS5000 FIPS, PCS6000 FIPS, PCS6500 FIPS
Problem
Cross site scripting issue on Uninstall link for Windows Secure Application Manager.

This issue was found during internal proactive security testing.

This vulnerability only affects users that are authenticated.
Solution
The following PCS software releases have a fix for this issue. We recommend upgrading the PCS software to resolve this security vulnerability.
PCS: 6.0R13; 6.4R6; 6.5R4, or higher.
Workaround
None
Implementation
Related Links
CVSS Score6.0 AV:N/AC:M/Au:S/C:P/I:P/A:P
Risk AssessmentAttacker can gain unauthorized access to protected resources.
Acknowledgements
Alert TypePSN - Product Support Notification
Risk LevelMedium
Attachment 1 
Attachment 2 
Legacy IDPSN-2010-05-753, JSA10445

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255