CVE-2019-11508

Name of the Vulnerable Software and Affected Versions Pulse Secure Pulse Connect Secure (PCS) versions 8.1R15.0 and earlier Pulse Secure Pulse Connect Secure (PCS) versions 8.2R12.0 and earlier Pulse Secure Pulse Connect Secure (PCS) versions 8.3R7.0 and earlier Pulse Secure Pulse Connect Secure (PCS) versions 9.0R3.3 and earlier

Description The issue allows an authenticated attacker, via the admin web interface, to exploit Directory Traversal and execute arbitrary code on the appliance.

Recommendations For versions 8.1R15.0 and earlier, update to version 8.1R15.1 or later. For versions 8.2R12.0 and earlier, update to version 8.2R12.1 or later. For versions 8.3R7.0 and earlier, update to version 8.3R7.1 or later. For versions 9.0R3.3 and earlier, update to version 9.0R3.4 or later.