81 matches found
Junos Pulse Secure Access IVE / UAC OS XSS (JSA10645)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by a cross site scripting vulnerability due to incorrect user input validation on the SSL VPN / UAC web server. Note that this issue exists within a web page that is only accessible by an...
Junos Pulse Secure Access IVE OS Clickjacking (JSA10647)
According to its self-reported version, the version of IVE running on the remote host is affected by a clickjacking vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid77691; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate",...
Junos Pulse Secure Access IVE OS XSS (JSA10646)
According to its self-reported version, the version of IVE running on the remote host is affected by a cross site scripting vulnerability due to incorrect user input validation on the SSL VPN web server. Note that this issue exists within a web page that is only accessible by an authenticated use...
Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
No description provided by source. $Id: junipersslvpnivesetupdll.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Junos Pulse Secure Access IVE / UAC OS Weak Cipher Information Disclosure (JSA10628)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability due to an issue where cipher suites with weak encryption algorithms are used even when cipher suites with strong encryption algorithms are enabled....
Junos Pulse Secure Access IVE / UAC OS Multiple OpenSSL Vulnerabilities (JSA10629)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by multiple vulnerabilities : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue i...
CVE-2014-3812
The CVE-2014-3812 issue affects Juniper Junos Pulse Secure Access Service (SSL VPN) IVE OS (<7.4r5) and 8.x (<8.0r1) and Junos Pulse Access Control Service (UAC) (<4.4r5) / 5.x (
CVE-2014-3812
The Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service UAC before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain...
Junos Pulse Secure Access IVE / UAC OS OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to...
CVE-2014-2291
Cross-site scripting XSS vulnerability in the Pulse Collaboration Secure Meeting user pages in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows remote authenticated users to inject arbitrary web scrip...
Design/Logic Flaw
Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors...
CVE-2014-2291
Pulse Secure Access Service (IVE OS) is affected by CVE-2014-2291 due to inadequate input validation on the Pulse Collaboration (Secure Meeting) user pages, allowing remote authenticated users to inject arbitrary HTML/Script. Impact per sources is that this affects Juniper Junos Pulse Secure Acce...
Juniper Junos Pulse Secure Access Service跨站脚本漏洞
CVE ID:CVE-2014-2291 Juniper Networks的Secure Access是企业级的SSL VPN接入设备,设备上所运行的操作系统为Juniper IVE OS。 由于某些关于Pulse Collaboration Secure Meeting用户页面的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 Juniper IVE OS Software 7.x Juniper IVE OS Software 8.x Juniper Junos Pulse Secure Access Service...
Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10617)
According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within the Pulse Collaboration Secure Meeting user pages. An attacker could exploit...
Juniper Junos Pulse Secure Access Service (IVE)跨站脚本漏洞
CVE ID:CVE-2013-6956 Juniper Networks的Secure Access是企业级的SSL VPN接入设备,设备上所运行的操作系统为Juniper IVE OS。 Juniper Junos Pulse Secure Access Service IVE在重写特性页面时没有正确过滤用户提交的输入,允许远程攻击者利用漏洞进行跨站脚本攻击,可构建恶意URI,诱使用户解析,可获取敏感信息或者劫持用户会话。 0 Juniper IVE OS 8.0 Juniper IVE OS 7.4r5 Juniper IVE OS 7.3r7 Juniper IVE OS...
Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10602)
According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within a file that pertains to Secure Access Service Web rewriting feature pages host...
CVE-2013-6956
Cross-site scripting XSS vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to...
Cross site scripting
Cross-site scripting XSS vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to...
CVE-2013-6956
CVE-2013-6956 affects Juniper Junos Pulse Secure Access Service (IVE OS) when the web rewriting feature is enabled. The issue is a cross-site scripting vulnerability in the web rewrite pages, exploitable by remote authenticated users to inject arbitrary script or HTML. Affected IVE OS versions in...
CVE-2013-6956
Cross-site scripting XSS vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to...