Description:

Pulse Secure has published a security advisory to address multiple vulnerabilities in Pulse Connect Secure system software. The detailed information about the vulnerabilities can be found at:

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858

Affected Systems:

• Pulse Connect Secure prior to version 9.1R12

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation of the vulnerabilities could lead to arbitrary command injection, buffer overflow, cross-site scripting or data tampering on the affected system.

Recommendation:

Patches for affected products are available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44858
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22933 (to CVE-2021-22938)