Security Alert (A20-08-08): Multiple Vulnerabilities in Pulse Secure Products
27 August 2020
Pulse Secure released security advisories to address multiple vulnerabilities in the Pulse Connect Secure and Pulse Policy Secure server software. The detailed information about the vulnerabilities can be found at:
The proof-of-concept and fully workable exploit code against the vulnerability (CVE-2020-8218) has been publicly available on the Internet. System administrators are advised to patch your affected systems to mitigate the risks of cyber attacks.
Pulse Connect Secure prior to version 9.1R8
Pulse Policy Secure prior to version 9.1R8
Depending on the vulnerability exploited, a successful attack could lead to arbitrary code execution, information disclosure, elevation of privilege, cross-site scripting or denial of service on an affected system.
Software updates for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.