First published: Thu May 10 2018(Updated: )
Pulse Secure Pulse Connect Secure 8.1.x before 8.1R14, 8.2.x before 8.2R11, and 8.3.x before 8.3R5 do not properly process nested XML entities, which allows remote attackers to cause a denial of service (memory consumption and memory errors) via a crafted XML document.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Pulsesecure Pulse Connect Secure | >=8.1<8.1r14 | |
Pulsesecure Pulse Connect Secure | >=8.2<8.2r11 | |
Pulsesecure Pulse Connect Secure | >=8.3<8.3r5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.