Reset Search
 

 

Article

SA44019 - February 26 2019 OpenSSL Security Advisory

« Go Back

Information

 
Product Affected
Problem
On February 26 2019, the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. For a list of supported software versions, please refer to our EOL policy.

The OpenSSL advisory can be found at the following link: https://www.openssl.org/news/changelog.html
Solution
Pulse Secure is currently evaluating the following issue reported by OpenSSL:
  • 0-byte record padding oracle (CVE-2019-1559)

Affected Products:

Pulse Secure is currently investigating all products below to determine which products may be affected by these vulnerabilities and the impact on all supported software versions. Since the investigation is on-going, we suggest to subscribe to this advisory as this document will be periodically updated with the latest status.

0-byte record padding oracle (CVE-2019-1559)

Pulse Connect SecureUnder review
Pulse Policy SecureUnder review
All versions of Pulse Desktop ClientNot vulnerable
Pulse Mobile (Android)Under review
Pulse Mobile (iOS)Under review
Pulse OneUnder review


Document History:
February 26, 2019 - Initial publication
March 1, 2019 - Status update to Pulse Desktop Client
Workaround
Implementation
Related Links
CVSS Score
Risk Assessment
Acknowledgements
Alert Type 
Risk Level 
Attachment 1 
Attachment 2 
Legacy ID

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255