Pulse.Secure.SSL.VPN.HTML5.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure Vulnerability in Pulse Connect Secure.
The vulnerability is due to an error in the vulnerable application when handling a malicious request. An unauthenticated attacker can exploit this to access sensitive information on the affected machine via a crafted request.
Affected Products
Pulse Connect Secure 8.1R15.1
Pulse Connect Secure 8.2 before 8.2R12.1
Pulse Connect Secure 8.3 before 8.3R7.1
Pulse Connect Secure 9.0 before 9.0R3.4
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's advisory for updates: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
Version Updates
Date | Version | Detail |
---|---|---|
2022-10-31 | 0.00333 |