Pulse Policy Secure Cross-Site Request Forgery (SA40793)
Medium Nessus Plugin ID 103053
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version, the version of Pluse Policy Secure running on the remote host is affected by a cross-site request forgery vulnerability in diag.cgi. This vulnerability may allow remote attackers to hijack the authentication of administrators for requests to start tcpdump.
SolutionUpgrade to or later.