Search
Appgate SDP
SDP Overview
Learn how Appgate SDP reduces risk and complexity, and why it's the industry's most comprehensive Zero Trust network access solution.
How Appgate SDP Works
Find out about the inner-workings of the most flexible and adaptable Zero Trust Network Access solution available today.
SDP Integrations
Explore security, IT and business-system integrations that can enhance and help you adapt Appgate SDP to your existing workflows
SDP for Developers
Access developer tools and resources to maximize the value of your Appgate SDP deployment.
Zero Trust Network Access for:
Risk-Based Authentication
Overview
Learn how Risk-Based Authentication provides a frictionless, intelligent and data-informed approach to user authentication.
Strong Authentication
Find out how you can provide secure, frictionless access with the right multi-factor authentication method.
Transaction Monitoring
Explore the tools you can use to intelligently identify and prevent online fraud.
Behavioral Biometrics Service
Learn how behavioral analysis and machine learning stop fraudulent online web activity in real-time.
Secure Consumer Access for:
Digital Threat Protection
Overview
Discover how you can gain unparalleled threat visibility and the risk management tools that enable early identification and elimination of potential attacks.
Key Features
Take a deep dive into the features and tools contained within our industry-leading Digital Threat Protection (DTP) solution.
Word Wall Black Red png
SECURE NETWORK ACCESS

Nicole IbarraNovember 9, 2021

Pulse Secure VPN Critical Vulnerabilities and Exposures (CVE)

We’ve said it before and we’ll say it again. VPNs have well overstayed their welcome. Here’s a look at some of the news headlines and CVEs related to Pulse Connect Secure.

Share

We’ve always advocated for Zero Trust Network Access (ZTNA) as the superior alternative to VPNs. Unpatched and outdated VPNs can host critical vulnerabilities and introduce various complexities.

If you’re having trouble convincing your organization to replace Pulse Connect Secure VPN with a Zero Trust solution, here are a few reasons:

  • Pulse Secure was the entry point for an April 2021 breach that impacted multiple government agencies
    • As reported by CNN, hackers repeatedly took advantage of vulnerabilities in Pulse Secure VPN to gain access to government agencies, defense companies and financial institutions in the U.S. and Europe. This incident prompted immediate action from CISA demanding agencies take immediate action to remediate effects of the hack that was initially difficult to identify, leaving organizations vulnerable for an extended period.
  • The Pulse Secure VPN has been reported to be an impediment to users trying to complete daily tasks
    • As reported by the Daily Mail, earlier this year, an expired Pulse Connect Secure blocked thousands of end users from connecting to their critical company resources leaving them unable to complete crucial tasks. Widely distributed workforces simply cannot afford multi-day interruptions or a vulnerable network.
  • Several past and present vulnerabilities associated with Pulse Connect Secure include:
    • CVE-2021-22908: has a CVSS score of 8.5 out of a maximum of 10 and impacts Pulse Connect Secure versions 9.0Rx and 9.1Rx. In a report detailing the vulnerability, the CERT Coordination Center said the issue stems from the gateway's ability to connect to Windows file shares through several CGI endpoints that could be leveraged to carry out an attack.
    • CVE-2021-22893: according to ZDNET, this is a significant vulnerability with a severity score of 10 out of 10 with deployed malware designed to bypass two-factor authentication.
  • Zero Trust Network Access (ZTNA) delivers superior secure remote access
    • Appgate SDP provides stronger and simpler access controls for all users and devices to any workload, anywhere. This is why we were named a Leader in the 2021 Forrester ZTNA New Wave with the highest position for current offering. Key benefits include:
      • Reducing your attack surface by cloaking all infrastructure
      • Continuously evaluate identity and contextual risk as criterial for access
      • Limit lateral movement and your blast radius with fine-grained micro-segmentation
      • Unleash automation and programable security via robust APIs
      • Deliver superior user experience that empowers how people work today

We get it! Adopting new technology while contractually locked into old investments is hard to justify. Not anymore.

We want to replace your existing VPN. That’s why we’re offering to buy out your VPN support contract. This is a limited time offer that expires Dec 31st 2021.

To learn more and start your Zero Trust journey without the burden of legacy investments click here.

Receive News and Updates From Appgate