Related Articles

KB40180 - Windows security prompt appears after upgrading to 8.1R7 and above

KB25932 - Known false positive CVE list

SA44101 - 2019-04: Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX

KB43792 - Premier Java HOB (RDP) Applet bookmark launched from macOS to a Windows 10 remote host fails with error "Connection Failed. Unable to connect to server."

KB44242 - Lock down mode exception rules for Windows endpoints does not work after upgrading to Pulse Connect Secure 9.0R2 - 9.0R4.1 or 9.1R1 - 9.1R2

KB40512 - HOB JWT Administration Guide for Java RDP Applet parameter values

KB43746 - Increasing DPI Scaling in client PC will affect the Display Resolution setting in RDP server while accessing via Terminal Service.

KB40848 - Window Terminal Service failed to connect when "Connect smart cards" option is enabled in the bookmark settings and backend is configured with NLA

KB43584 - Mac users intermittently unable to launch RDP connection using HOB Applet to a Win10 remote host with error "A protocol error has occurred. Errorcode: HLJWT502E: Reason: java.lang.Error: invalid device id 0xffffffff"

KB40627 - Compatibility issues between Cisco Media Services and Pulse Secure Desktop client on Windows 8.1/10

< Back to search results

Article

SA40166 - Remote desktop protocol (RDP) client restriction bypass issue

« Go Back

Information

Product Affected	This issue impacts PCS software version 8.1R7 and 8.2R1 only, as no other PCS release version are impacted.

Problem

A security issue was discovered in the PCS Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature. By exploiting this issue a malicious authenticated user could bypass security controls applied against their terminal services session. This issue is only exploitable by users who have a valid authenticated session to the PCS device as well as authenticating to the backend terminal services server.

Solution

This issue has been resolved in PCS 8.1R8 and 8.2R1.1, and later.

Workaround

To resolve this issue you must update to a release that contains the fix. There are no workarounds for this issue.

Implementation

Related Links

CVSS Score	3.0 (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/)

Risk Assessment

Acknowledgements

Alert Type	SA - Security Advisory

Risk Level	Low

Attachment 1

Attachment 2

Legacy ID