Lucene search
RootSSV:61140HistoryDec 17, 2013 - 12:00 a.m.
Juniper Junos Pulse Secure Access Service (IVE)跨站脚本漏洞
2013-12-1700:00:00
Root
www.seebug.org
11
0.001 Low
EPSS
Percentile
39.8%
CVE ID:CVE-2013-6956
Juniper Networks的Secure Access是企业级的SSL VPN接入设备,设备上所运行的操作系统为Juniper IVE OS。
Juniper Junos Pulse Secure Access Service (IVE)在重写特性页面时没有正确过滤用户提交的输入,允许远程攻击者利用漏洞进行跨站脚本攻击,可构建恶意URI,诱使用户解析,可获取敏感信息或者劫持用户会话。
0
Juniper IVE OS 8.0
Juniper IVE OS 7.4r5
Juniper IVE OS 7.3r7
Juniper IVE OS 7.1r16
厂商补丁:
Juniper
Juniper IVE OS 8.0r1, 7.4r6, 7.3r8, 7.1r17已经修复该漏洞,请到厂商的主页下载:
Related
nvd
nvd
CVE-2013-6956
2013-12-13 18:07:54
nessus
nessus
Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10602)
2013-12-14 00:00:00
prion
prion
Cross site scripting
2013-12-13 18:07:00
cvelist
cvelist
CVE-2013-6956
2013-12-13 18:00:00
cve
cve
CVE-2013-6956
2013-12-13 18:07:54