All Pulse Secure products were evaluated and found not vulnerable to the following CVE:
- Segmentation fault in SSL_check_chain (CVE-2020-1967)
The table below provides details of the affected and not affected products:
Pulse Connect Secure | Not Vulnerable |
Pulse Policy Secure | Not Vulnerable |
Pulse One | Not Vulnerable |
All versions of Pulse Desktop Client | Not Vulnerable |
Pulse Mobile Client (Android & iOS) | Not Vulnerable |
Pulse Secure vADC | Not Vulnerable |
LEGAL DISCLAIMER
- THIS ADVISORY IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. USE OF THIS INFORMATION FOUND IN THIS ADVISORY OR IN MATERIALS LINKED HEREFROM IS AT THE USER’S OWN RISK. PULSE SECURE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS ADVISORY AT ANY TIME.
- A STANDALONE COPY OR PARAPHRASE OF THE TEXT OF THIS ADVISORY THAT OMITS THE DISTRIBUTION URL IS AN UNCONTROLLED COPY AND MAY OMIT IMPORTANT INFORMATION OR CONTAIN ERRORS. THE INFORMATION IN THIS ADVISORY IS INTENDED FOR END USERS OF PULSE SECURE PRODUCTS.
Document History:April 22, 2020 - Initial advisory posted.
April 23, 2020 - Updated Details for Pulse Secure vADC Product.