內容說明:
Pulse Secure Pulse Connect Secure(PCS)與Pulse Policy Secure(PPS)產品存在多個安全性漏洞,攻擊者可利用漏洞進行攻擊,進而導致跨網站腳本攻擊、繞過安全機制、資訊洩漏及執行任意程式碼
影響平台:
Pulse Connect Secure:
9.0R1~9.0R3.3
8.3R1~8.3R7
8.2R1~8.2R12
8.1R1~8.1R15
Pulse Policy Secure:
9.0R1~9.0R3.3
5.4R1~5.4R7
5.3R1~5.3R12
5.2R1~5.2R12
5.1R1~5.1R15
處置建議:
參考連結:https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101
CVE編號:
CVE-2019-11507
CVE-2019-11508
CVE-2019-11509
CVE-2019-11510
CVE-2019-11538
CVE-2019-11539
CVE-2019-11540
CVE-2019-11541
CVE-2019-11542
CVE-2019-11543
參考資料:
1. https://badpackets.net/over-14500-pulse-secure-vpn-endpoints-vulnerable-to-cve-2019-11510/
2. https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101