Reset Search



JSA10401 - Pulse Connect Secure (PCS) product - PCS Security Bundle - Internal System Function

« Go Back


Product AffectedAffected Hardware: PCS: PCS500, PCS700, PCS1000, PCS2000, PCS2500, PCS3000, PCS4000, PCS4500, PCS5000, PCS6000, PCS6500 FIPS, PCS4000 FIPS , PCS6000
Internal System Function vulnerabilities found and fixed through a combination of internal and external proactive security testing:
  • Issue with special characters used in a parameter in dsrecord, log upload, attendee list in Pulse Collaboration client, and sign-in web page for Pulse Collaboration Outlook Plugin
  • XML external entity attack in Pulse Collaboration web page
Pulse Secure recommends upgrading to one of the following or later releases:
PCS: 5.5R7.1; 6.0R8; 6.1R7; 6.2R3; 6.3R2
No workarounds exist for these issues. Software upgrades recommended in this Security Advisory are synchronized with the recommendations in other (PSN-2009-03-248 and PSN-2009-03-250). This enables customers to upgrade once and have all issues resolved with the upgrade.
Related Links
CVSS Score
Risk AssessmentThese vulnerabilities could compromise the integrity of the system.
Alert TypePSN - Product Support Notification
Risk LevelLow
Attachment 1 
Attachment 2 
Legacy IDPSN-2009-03-249, JSA10401



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255