3 matches found
CVE-2015-5369
Pulse Connect Secure (PCS) devices with Hardware Acceleration enabled are affected by CVE-2015-5369 due to improper validation of the TLS Finished handshake, enabling MITM via a crafted Finished message. Affected lines include PCS 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 ...
CVE-2015-7322
The CVE-2015-7322 issue affects Pulse Connect Secure’s Secure Meeting (Pulse Collaboration). Affected releases expose different join-meeting messages based on meeting status, enabling remote attackers to enumerate valid meeting IDs by issuing a sequence of requests. This is an information-disclos...
CVE-2015-7323
CVE-2015-7323 affects Pulse Connect Secure’s Secure Meeting component. An authenticated user could bypass meeting authorization and join arbitrary meetings via a valid session/meetingAppSun.jar, effectively bypassing access controls to in-session meetings. The Ivanti advisory notes the issue requ...