Security Alert (A22-04-03): Vulnerability in Pulse Secure Products


 

Published on: 01 April 2022

  
  

Description:

Pulse Secure has published a security advisory to address a vulnerability in Pulse Secure products. The detailed information about the vulnerability can be found at:

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/CVE-2022-0778-OpenSSL-Vulnerability-may-lead-to-DoS-attack/

 

Affected Systems:

  • Pulse Connect Secure prior to version 9.1R14.1
  • Pulse One prior to version 2.0.2201
  • Pulse Policy Secure prior to version 9.1R14.1
  • Pulse Secure Services Director prior to version 21.1R2

 

Impact:

Successful exploitation of the vulnerability could lead to denial of service on an affected system.

 

Recommendation:

Patches for affected products are available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/CVE-2022-0778-OpenSSL-Vulnerability-may-lead-to-DoS-attack/
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778


Tag: Pulse Secure , Pulse One , Pulse Connect Secure , Pulse Policy Secure , Pulse Secure Services Director
Tags