Intrusion Prevention

Pulse.Secure.Platform.Stack-Based.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in Pulse Policy Secure.
A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to a vulnerable server. Successful exploitation could result in execution of arbitrary code on the Pulse Secure server.

Affected Products

Pulse Connect Secure 8.1R1 - 8.1R15
Pulse Connect Secure 8.2R1 - 8.2R12
Pulse Connect Secure 8.3R1 - 8.3R7
Pulse Connect Secure 9.0R1 - 9.0R3.3
Pulse Policy Secure 5.1R1 - 5.1R15
Pulse Policy Secure 5.2R1 - 5.2R12
Pulse Policy Secure 5.3R1 - 5.3R12
Pulse Policy Secure 5.4R1 - 5.4R7
Pulse Policy Secure 9.0R1 - 9.0R3.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/

CVE References

CVE-2019-11542