TSB44200 - Addendum to April Advisory (SA44101)

This notification is an addendum to April advisory (SA44101).  Due to the critical nature of the vulnerabilities, the purpose is to notify all customers that Pulse Secure strongly recommends patching all devices as soon as possible.

The security advisory consists of 3 critical, 6 high and 2 medium bugs. Pulse Secure is recommending that each customer reviews their currently deployed software and upgrade to the appropriate patched version as quickly as possible. 

All software versions that have not already been patched are impacted and can be vulnerable.  Customers should upgrade to the appropriate fixed version as indicated in the table below:
 

Software Versions	Recommended Fixed Release
Pulse Connect Secure 9.0R1 - R2	Pulse Connect Secure 9.0R4
Pulse Connect Secure 9.0R3.X	Pulse Connect Secure 9.0R3.4
Pulse Connect Secure 8.3RX	Pulse Connect Secure 8.3R7.1
Pulse Connect Secure 8.2RX	Pulse Connect Secure 8.2R12.1
Pulse Connect Secure 8.1RX	Pulse Connect Secure 8.1R15.1
Pulse Policy Secure 9.0R1 - R2	Pulse Policy Secure 9.0R4
Pulse Policy Secure 9.0R3.X	Pulse Policy Secure 9.0R3.2
Pulse Policy Secure 5.4RX	Pulse Policy Secure 5.4R7.1
Pulse Policy Secure 5.3RX	Pulse Policy Secure 5.3R12.1
Pulse Policy Secure 5.2RX	Pulse Policy Secure 5.2R12.1
Pulse Policy Secure 5.1RX	Pulse Policy Secure 5.1R15.1

 

• For more information about the security vulnerability, please refer to SA44101 - 2019-04: Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX.
• To download patched software versions, please go to the Pulse Secure Download Center