Name of the Vulnerable Software and Affected Versions:

Pulse Connect Secure versions prior to 9.1R8.2

Description:

A vulnerability in the Pulse Connect Secure admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability.

Recommendations:

For versions prior to 9.1R8.2, update to version 9.1R8.2 or later to resolve the issue.