Lucene search
K

81 matches found

Tenable Nessus
Tenable Nessus
added 2014/09/15 12:0 a.m.34 views

Junos Pulse Secure Access IVE / UAC OS XSS (JSA10645)

According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by a cross site scripting vulnerability due to incorrect user input validation on the SSL VPN / UAC web server. Note that this issue exists within a web page that is only accessible by an...

4.3CVSS5.2AI score0.00786EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/09/15 12:0 a.m.26 views

Junos Pulse Secure Access IVE OS Clickjacking (JSA10647)

According to its self-reported version, the version of IVE running on the remote host is affected by a clickjacking vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid77691; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate",...

4.3CVSS5.5AI score0.00958EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/09/15 12:0 a.m.38 views

Junos Pulse Secure Access IVE OS XSS (JSA10646)

According to its self-reported version, the version of IVE running on the remote host is affected by a cross site scripting vulnerability due to incorrect user input validation on the SSL VPN web server. Note that this issue exists within a web page that is only accessible by an authenticated use...

4.3CVSS5.1AI score0.00931EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow

No description provided by source. $Id: junipersslvpnivesetupdll.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/30 12:0 a.m.41 views

Junos Pulse Secure Access IVE / UAC OS Weak Cipher Information Disclosure (JSA10628)

According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability due to an issue where cipher suites with weak encryption algorithms are used even when cipher suites with strong encryption algorithms are enabled....

5CVSS5.5AI score0.00745EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/18 12:0 a.m.90 views

Junos Pulse Secure Access IVE / UAC OS Multiple OpenSSL Vulnerabilities (JSA10629)

According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by multiple vulnerabilities : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue i...

7.4CVSS7.5AI score0.95326EPSS
Exploits9References11
CVE
CVE
added 2014/06/13 2:0 p.m.58 views

CVE-2014-3812

The CVE-2014-3812 issue affects Juniper Junos Pulse Secure Access Service (SSL VPN) IVE OS (<7.4r5) and 8.x (<8.0r1) and Junos Pulse Access Control Service (UAC) (<4.4r5) / 5.x (

5CVSS6.4AI score0.00745EPSS
Exploits0References1Affected Software18
Cvelist
Cvelist
added 2014/06/13 2:0 p.m.27 views

CVE-2014-3812

The Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service UAC before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain...

6.3AI score0.00745EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/04/18 12:0 a.m.106 views

Junos Pulse Secure Access IVE / UAC OS OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed)

According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to...

7.5CVSS8AI score0.99999EPSS
Exploits88References8
NVD
NVD
added 2014/03/14 3:55 p.m.24 views

CVE-2014-2291

Cross-site scripting XSS vulnerability in the Pulse Collaboration Secure Meeting user pages in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows remote authenticated users to inject arbitrary web scrip...

3.5CVSS5.2AI score0.00936EPSS
Exploits1References3
Prion
Prion
added 2014/03/14 3:55 p.m.17 views

Design/Logic Flaw

Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors...

7.2CVSS7AI score0.00387EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2014/03/14 3:0 p.m.61 views

CVE-2014-2291

Pulse Secure Access Service (IVE OS) is affected by CVE-2014-2291 due to inadequate input validation on the Pulse Collaboration (Secure Meeting) user pages, allowing remote authenticated users to inject arbitrary HTML/Script. Impact per sources is that this affects Juniper Junos Pulse Secure Acce...

3.5CVSS5.3AI score0.00936EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2014/03/14 12:0 a.m.40 views

Juniper Junos Pulse Secure Access Service跨站脚本漏洞

CVE ID:CVE-2014-2291 Juniper Networks的Secure Access是企业级的SSL VPN接入设备,设备上所运行的操作系统为Juniper IVE OS。 由于某些关于Pulse Collaboration Secure Meeting用户页面的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 Juniper IVE OS Software 7.x Juniper IVE OS Software 8.x Juniper Junos Pulse Secure Access Service...

3.5CVSS6.6AI score0.00936EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/03/14 12:0 a.m.33 views

Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10617)

According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within the Pulse Collaboration Secure Meeting user pages. An attacker could exploit...

3.5CVSS5.7AI score0.00936EPSS
Exploits1References2
seebug.org
seebug.org
added 2013/12/17 12:0 a.m.32 views

Juniper Junos Pulse Secure Access Service (IVE)跨站脚本漏洞

CVE ID:CVE-2013-6956 Juniper Networks的Secure Access是企业级的SSL VPN接入设备,设备上所运行的操作系统为Juniper IVE OS。 Juniper Junos Pulse Secure Access Service IVE在重写特性页面时没有正确过滤用户提交的输入,允许远程攻击者利用漏洞进行跨站脚本攻击,可构建恶意URI,诱使用户解析,可获取敏感信息或者劫持用户会话。 0 Juniper IVE OS 8.0 Juniper IVE OS 7.4r5 Juniper IVE OS 7.3r7 Juniper IVE OS...

2.1CVSS6.6AI score0.00931EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/12/14 12:0 a.m.27 views

Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10602)

According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within a file that pertains to Secure Access Service Web rewriting feature pages host...

2.1CVSS5.7AI score0.00931EPSS
Exploits1References2
NVD
NVD
added 2013/12/13 6:7 p.m.21 views

CVE-2013-6956

Cross-site scripting XSS vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to...

2.1CVSS5.2AI score0.00931EPSS
Exploits1References3
Prion
Prion
added 2013/12/13 6:7 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to...

2.1CVSS5.7AI score0.00931EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2013/12/13 6:0 p.m.59 views

CVE-2013-6956

CVE-2013-6956 affects Juniper Junos Pulse Secure Access Service (IVE OS) when the web rewriting feature is enabled. The issue is a cross-site scripting vulnerability in the web rewrite pages, exploitable by remote authenticated users to inject arbitrary script or HTML. Affected IVE OS versions in...

2.1CVSS5.3AI score0.00931EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2013/12/13 6:0 p.m.27 views

CVE-2013-6956

Cross-site scripting XSS vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to...

5.2AI score0.00931EPSS
Exploits1References3
Rows per page
Query Builder