The Terminal Services Remote Desktop Protocol (RDP) client session restrictions feature in Pulse Connect Secure (aka PCS) 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:M/C:N/I:P/A:N
Vendors Products
Pulsesecure
  • Pulse Connect Secure

Configuration 1 [-]

OR cpe:2.3:a:pulsesecure:pulse_connect_secure:8.1r7:*:*:*:*:*:*:*
cpe:2.3:a:pulsesecure:pulse_connect_secure:8.2r1:*:*:*:*:*:*:*
References
Link Resource
http://www.securitytracker.com/id/1035129
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40166 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:16:16

Updated: 2022-10-03T16:16:16

Reserved: 2022-10-03T00:00:00

Link: CVE-2016-3985

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2016-04-12T02:00:08.227

Modified: 2016-04-18T16:24:36.950

Link: CVE-2016-3985

JSON object: View

cve-icon Redhat Information

No data.

CWE