Pulse Secure Pulse Connect Secure: Security Vulnerability in Pulse Connect Secue (PCS) RADIUS authentication mechanism (JSA10379)
Description
If RADIUSis being used as the authentication mechanism on PCS running an affected release of the OS, then in a specific scenario, an unauthenticated user may be able to get past the authentication step of the PCS login process. This issue was due to a bug in the software which resulted in a RADIUS Access-Request packet being sent to the backend RADIUS server with some fields containing the same values as the previous Access-Request packet which may have caused the RADIUS server to believe that this Access-Request is a duplicate packet. Depending on how the backend RADIUS server is configured to handle this duplicate Access-Request packet the authentication step may or may not succeed on PCS i.e. only if the backend RADIUS server responds with an Access-Accept packet without validating the credentials will authentication succeed. However if the RADIUS server validates the credentials presented in the (duplicate) Access-Request packet then this vulnerability does not pose any security risk.
Solution(s)
- pulse-secure-pulse-connect-secure-upgrade-6_0r3_2
- pulse-secure-pulse-connect-secure-upgrade-6_0r4_3
- pulse-secure-pulse-connect-secure-upgrade-6_0r5
- pulse-secure-pulse-connect-secure-upgrade-6_1r2_1
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center