A new policy (baseline version 201805080540) for the Virtual Web Application Firewall is now available. Change log:
- Added: Java Remote Code Execution using remote classloading
This is a new rule added in this baseline update: there are a number of ways in which attackers can execute malicious code using Java commands including java.lang.ProcessBuilder or java.net.URLClassLoader, resulting in remote code execution.
You can configure your Pulse vWAF to download and update this baseline update automatically, or else there is a zip archive attached to this message which contains this policy. The archive needs to be extracted before it can be uploaded to the WAF (either via web UI or REST API).
For more information:
For more information, please refer to the release notes, available on the download portal. A complete set of user documentation is also available on http://pulsesecure.net/techpubs.