Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Pulse Secure Pulse Connect Secure产品代码注入漏洞
Vulnerability Description
Pulse Connect Secure(又名PCS,前称Juniper PCS)PSC6000、PCS6500、MAG PSC360和PPS都是美国Pulse Secure公司的产品。PCS是一套SSL VPN解决方案。PPS是一套NAC和BYOD解决方案。 多款Pulse Secure PCS产品中存在安全漏洞,该漏洞源于程序启用Hardware Acceleration时,没有正确验证Finished TLS握手消息。远程攻击者可借助特制的Finished消息利用该漏洞实施中间人攻击。以下产品及版本
CVSS Information
N/A
Vulnerability Type
N/A