CVE-2014-3824CVE-2014-3824

Affected configuration(s):

cpe:/a:juniper:junos_pulse_secure_access_service:7.1
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r1
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r1.1
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r2
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r3
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r4
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r5
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r6
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r7
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r8
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r9
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r10
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r11
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r12
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r13
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r14
cpe:/a:juniper:junos_pulse_secure_access_service:7.1r15
cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r1.0
cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r2.0
cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r3.0
cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r4.0
cpe:/a:juniper:junos_pulse_secure_access_service:8.0

Date published: 2014-09-29T10:55:08.797-04:00

Date last modified: 2016-04-01T14:48:10.633-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://www.securityfocus.com/bid/69804

Summary: Cross-site scripting (XSS) vulnerability in the web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.