CVE-2016-3985
First published: Fri Apr 08 2016(Updated: )
The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Pulse Connect Secure | =8.1r7 | |
| Ivanti Pulse Connect Secure | =8.2r1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-3985?
CVE-2016-3985 is classified with a high-severity rating due to its potential to allow unauthorized access to restricted resources.
How do I fix CVE-2016-3985?
To remediate CVE-2016-3985, you should upgrade to Pulse Connect Secure versions 8.1R8 or 8.2R2 or later.
What types of users are affected by CVE-2016-3985?
CVE-2016-3985 affects remote authenticated users who can exploit the vulnerability to bypass access restrictions.
What is the impact of CVE-2016-3985 on system security?
The impact of CVE-2016-3985 includes the potential unauthorized access to sensitive resources and systems.
Are there known exploits for CVE-2016-3985?
Yes, there are reports that CVE-2016-3985 can be exploited by attackers to gain unauthorized access, although specific exploit details are not disclosed.
- agent/references
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/pulsesecure
- canonical/ivanti pulse connect secure
- version/ivanti pulse connect secure/8.1r7
- version/ivanti pulse connect secure/8.2r1