Lucene search
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.JUNOS_PULSE_SA_JSA10602.NASLHistoryDec 14, 2013 - 12:00 a.m.
Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10602)
2013-12-1400:00:00
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
2.1 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
39.8%
According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within a file that pertains to Secure Access Service Web rewriting feature pages hosted on the device’s web server. An attacker could exploit this issue by tricking a user into requesting a malicious URL, resulting in arbitrary script code execution.
Note that the issue is only present when the web rewrite feature is enabled on a user’s role.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(71429);
script_version("1.5");
script_cvs_date("Date: 2019/11/27");
script_cve_id("CVE-2013-6956");
script_bugtraq_id(64261);
script_name(english:"Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10602)");
script_summary(english:"Checks OS version");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the version of Juniper Junos
Pulse Secure Access Service IVE OS running on the remote host is
affected by an unspecified cross-site scripting vulnerability that is
present within a file that pertains to Secure Access Service Web
rewriting feature pages hosted on the device's web server. An attacker
could exploit this issue by tricking a user into requesting a malicious
URL, resulting in arbitrary script code execution.
Note that the issue is only present when the web rewrite feature is
enabled on a user's role.");
script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10602");
script_set_attribute(attribute:"solution", value:
"Upgrade to Juniper Junos Pulse Secure Access Service IVE OS version
7.1r17 / 7.3r8 / 7.4r6 / 8.0r1 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-6956");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);
script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/12");
script_set_attribute(attribute:"patch_publication_date", value:"2013/10/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/14");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:ive_os");
script_set_attribute(attribute:"cpe", value:"cpe:/a:juniper:junos_pulse_secure_access_service");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/Juniper/IVE OS/Version", "Settings/ParanoidReport");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
if (report_paranoia < 2) audit(AUDIT_PARANOID);
version = get_kb_item_or_exit('Host/Juniper/IVE OS/Version');
match = eregmatch(string:version, pattern:"^([\d.]+)([Rr](\d+))?");
if (isnull(match)) exit(1, 'Error parsing version: ' + version);
release = match[1];
build = 0;
if (!isnull(match[2])) build = int(match[3]);
if (release == '7.1' && build < 17)
fix = '7.1r17';
else if (release == '7.3' && build < 8)
fix = '7.3r8';
else if (release == '7.4' && build < 6)
fix = '7.4r6';
else if (release == '8.0' && build < 1)
fix = '8.0r1';
else
audit(AUDIT_INST_VER_NOT_VULN, 'IVE OS', version);
set_kb_item(name:'www/0/XSS', value:TRUE);
if (report_verbosity > 0)
{
report =
'\n Installed version : ' + version +
'\n Fixed version : ' + fix + '\n';
security_note(port:0, extra:report);
}
else security_note(0);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| juniper | ive_os | cpe:/o:juniper:ive_os | |
| juniper | junos_pulse_secure_access_service | cpe:/a:juniper:junos_pulse_secure_access_service |
Related
seebug
seebug
Juniper Junos Pulse Secure Access Service (IVE)跨站脚本漏洞
2013-12-17 00:00:00
nvd
nvd
CVE-2013-6956
2013-12-13 18:07:54
prion
prion
Cross site scripting
2013-12-13 18:07:00
cvelist
cvelist
CVE-2013-6956
2013-12-13 18:00:00
cve
cve
CVE-2013-6956
2013-12-13 18:07:54
2.1 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
39.8%
Related for JUNOS_PULSE_SA_JSA10602.NASL