Headline
CVE-2021-22965: Public KB - KB44879 - Dsagentd process restart results in End-User disconnections on PCS devices.
A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to cause a denial of service when a malformed request is sent to the device.
Last Modified Date
10/5/2021 12:22 PM
Synopsis
This article describes an issue where a Dsagentd process restart results in End-User disconnections.
Problem or Goal
We have received several reports around the week of Sep 13, 2021 where Dsagentd restarts, resulting in End-User disconnections. This is known to affect multiple versions of Pulse Connect Secure (PCS) devices.
Note: This applies to both Hardware & Virtual instances.
Cause
Upon investigation, we see that the issue appears to have been caused by a malformed IKEv2 packet.
Solution
This issue is fixed in PCS 9.1R12.1, which can be downloaded from https://my.pulsesecure.net. The documentation can be found here.
Note:
- Customers who do not use the IKEv2 feature can block UDP Port 500 on their firewalls as a workaround so that IKEv2 packets do not reach PCS External/Internal Ports.
- Blocking UDP Port 500 will not affect VPN users using SSL/ESP Transport Modes.
If you still face the issue, please raise a support case with us.