6 matches found
CVE-2014-3824
Cross-site scripting XSS vulnerability in the web server in the Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Junos Pulse Secure Access IVE OS XSS (JSA10646)
According to its self-reported version, the version of IVE running on the remote host is affected by a cross site scripting vulnerability due to incorrect user input validation on the SSL VPN web server. Note that this issue exists within a web page that is only accessible by an authenticated use...
Junos Pulse Secure Access IVE / UAC OS Weak Cipher Information Disclosure (JSA10628)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability due to an issue where cipher suites with weak encryption algorithms are used even when cipher suites with strong encryption algorithms are enabled....
Junos Pulse Secure Access IVE / UAC OS OpenSSL Heartbeat Information Disclosure (JSA10623) (Heartbleed)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability. An out-of-bounds read error, known as the 'Heartbleed Bug', exists related to handling TLS heartbeat extensions that could allow an attacker to...
CVE-2013-5650
Junos Pulse Secure Access Service IVE 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service UAC 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote...
Design/Logic Flaw
Junos Pulse Secure Access Service IVE 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service UAC 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote...