Vulnerability Name:

CVE-2014-3823 (CCN-95979)

Assigned:2014-09-15
Published:2014-09-15
Updated:2014-10-01
Summary:The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-20
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2014-3823

Source: CCN
Type: Juniper Networks Security Bulletin JSA10647
Junos Pulse Secure Access Service (SSL VPN): Clickjacking issue (CVE-2014-3823)

Source: CCN
Type: BID-69800
Junos Pulse Secure Access Service CVE-2014-3823 Clickjacking Vulnerability

Source: XF
Type: UNKNOWN
junos-pulse-cve20143823-clickjacking(95979)

Source: CONFIRM
Type: Vendor Advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10647

Vulnerable Configuration:Configuration 1:
  • cpe:/a:juniper:junos_pulse_secure_access_service:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r1.1:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r2:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r3:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r4:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r5:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r6:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r7:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r8:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r9:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r10:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r11:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r12:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r13:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r14:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.1r15:*:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r1.0:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r2.0:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r3.0:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:7.4:r4.0:*:*:*:*:*:*
  • OR cpe:/a:juniper:junos_pulse_secure_access_service:8.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:juniper:secure_access_700:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:secure_access_2500:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:secure_access_4500:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*
  • OR cpe:/h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    juniper junos pulse secure access service 7.1
    juniper junos pulse secure access service 7.1r1.1
    juniper junos pulse secure access service 7.1r2
    juniper junos pulse secure access service 7.1r3
    juniper junos pulse secure access service 7.1r4
    juniper junos pulse secure access service 7.1r5
    juniper junos pulse secure access service 7.1r6
    juniper junos pulse secure access service 7.1r7
    juniper junos pulse secure access service 7.1r8
    juniper junos pulse secure access service 7.1r9
    juniper junos pulse secure access service 7.1r10
    juniper junos pulse secure access service 7.1r11
    juniper junos pulse secure access service 7.1r12
    juniper junos pulse secure access service 7.1r13
    juniper junos pulse secure access service 7.1r14
    juniper junos pulse secure access service 7.1r15
    juniper junos pulse secure access service 7.4 r1.0
    juniper junos pulse secure access service 7.4 r2.0
    juniper junos pulse secure access service 7.4 r3.0
    juniper junos pulse secure access service 7.4 r4.0
    juniper junos pulse secure access service 8.0
    juniper secure access 700 -
    juniper secure access 2500 -
    juniper fips secure access 4000 -
    juniper secure access 4500 -
    juniper fips secure access 4500 -
    juniper fips secure access 6000 -
    juniper fips secure access 6500 -
    juniper mag2600 gateway -
    juniper mag4610 gateway -
    juniper mag6610 gateway -
    juniper mag6611 gateway -