Reset Search
 

 
Article

JSA10488 - 2011-09 Security Bulletin: Pulse Connect Secure (PCS) & Pulse Policy Secure (PPS): Admin Interface Issue

Printable View
« Go Back

Information

 
Product AffectedPCS: SA 500, SA 700, SA 2000, SA 2500, SA 4000, SA 4500, SA 6000, SA 6500, SA 4000 FIPS, SA 6000 FIPS, SA 4500 FIPS, SA 6500 FIPS, MAG2600, MAG4610, MAG-SM160, MAG-SM360
<BR>
PPS: IC4000, IC4500, IC6000, IC6500, IC6500 FIPS, MAG2600, MAG4610, MAG-SM160, MA
Problem
Custom Sign-In page upload requires additional validation.
Solution
The following software releases have a fix for this issue:
PCS: 6.5R9; 7.0R5, 7.1R2 or higher.
PPS: 4.1R2 or higher.
We recommend upgrading your software to resolve this security vulnerability.

Note: Pulse Secure policy is to only publish fixes for release that have not yet reached End-of-Engineering. These issues were reported prior to 6.5 reaching its End-of-Engineering date so the fixes for this release are published in this Security Bulletin.


 
Workaround
None.
Implementation
Related Links
To download the latest software, please visit: http://my.pulsesecure.net
CVSS Score7.9 (AV:N/AC:M/Au:S/C:C/I:C/A:N)
Risk Assessment- This vulnerability can compromise the integrity of the system.
Acknowledgements
Alert TypePSN - Product Support Notification
Risk LevelMedium
Attachment 1 
Attachment 2 
Legacy IDPSN-2011-08-341, JSA10488

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255