5 matches found
CVE-2014-3820
The CVE-2014-3820 anomaly is a documented XSS in Juniper Pulse Secure/Policy products. Affected are the SSL VPN/UAC web server on Junos Pulse Access Service (IVE OS: 7.1 before 7.1r16, 7.4 before 7.4r3, 8.0 before 8.0r1) and the Pulse Access Control Service (UAC OS: 4.1 before 4.1r8, 4.4 before 4...
CVE-2014-3824
CVE-2014-3824 describes a cross-site scripting (XSS) vulnerability in the web server of Juniper Junos Pulse Secure Access Service (SSL VPN) devices using IVE OS. The issue stems from incorrect user input validation on the SSL VPN web page, potentially enabling an attacker to inject arbitrary scri...
CVE-2013-3970
CVE-2013-3970 affects Juniper Junos Pulse Secure Access Service (SSL VPN) with IVE OS 7.0r2–7.0r8 and 7.1r1–7.1r5, and Junos Pulse Access Control Service (UAC) with UAC OS 4.1r1–4.1r5. The issue involves inadvertently including an internal/test CA certificate in the Trusted Server CAs list, which...
CVE-2013-5650
CVE-2013-5650 details (connected docs): The vulnerability affects Junos Pulse Secure Access Service (IVE) and Pulse Access Control Service (UAC) when a hardware SSL acceleration card is enabled. A crafted packet can trigger a denial of service resulting in a device hang. Public materials confirm ...
CVE-2014-3823
CVE-2014-3823 affects Juniper Junos Pulse Secure Access Service (SSL VPN) IVE OS: 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18. The vulnerability is a clickjacking issue exposed via unspecified vectors, allowing remote attackers to leverage UI framing protections. The issue was addre...