Unrated severityNVD Advisory· Published Aug 11, 2015· Updated May 6, 2026

CVE-2015-5369

Description

Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message.

Affected products

Juniper Networks/Pulse Connect Secure5 versions
cpe:2.3:a:juniper:pulse_connect_secure:5.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:juniper:pulse_connect_secure:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:juniper:pulse_connect_secure:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:juniper:pulse_connect_secure:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:juniper:pulse_connect_secure:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:juniper:pulse_connect_secure:8.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000