CVE-2021-22965

Name of the Vulnerable Software and Affected Versions Pulse Connect Secure versions prior to 9.1R12.1

Description A vulnerability in Pulse Connect Secure could allow an unauthenticated administrator to cause a denial of service when a malformed request is sent to the device. This issue is related to an uncontrolled resource consumption. An attacker, acting remotely, can exploit this vulnerability by sending an incorrect request to the device, resulting in a denial of service.

Recommendations For versions prior to 9.1R12.1, update to version 9.1R12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation. Avoid sending malformed requests to the device until the issue is resolved.