You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
unpatched servers
About this tag
Unpatched servers, particularly Pulse Secure VPN appliances, remain a prime target for malicious actors due to unaddressed vulnerabilities. A notable example is CVE-2019-11510, a remote code execution flaw disclosed and patched by Pulse Secure in April 2019. Despite the availability of fixes, many organizations failed to apply updates, leading to continued exploitation. The Cybersecurity and Infrastructure Security Agency (CISA) has observed ongoing attacks against these unpatched servers, emphasizing the critical need for timely patch management. This tag covers discussions around the risks, real-world exploits, and security advisories related to unpatched servers, highlighting the importance of maintaining up-to-date systems to prevent compromise.
Original release date: January 10, 2020
Summary
Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability, known as CVE-2019-11510, can become...