Session fixation

2016-04-1202:00:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

38.6%

JSON

The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors.

CPENameOperatorVersion
pulse_connect_secureeq8.1.0-r7
pulse_connect_secureeq8.2.0-r1

CPE	Name	Operator	Version
	pulse_connect_secure	eq	8.1.0-r7
	pulse_connect_secure	eq	8.2.0-r1

References

www.securitytracker.com/id/1035129

kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40166