CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 4CVE-2015-7323 – Junos Pulse Secure Meeting 8.0.5 Access Bypass
https://notcve.org/view.php?id=CVE-2015-7323
25 Sep 2015 — The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar. El Secure Meeting (Pulse Collaboration) en Pulse Connect Secure (anteriormente Juniper Junos Pulse) en versiones anteriores a 7.1R22.1, 7.4, 8.0 en versiones anteriores a 8.0R11 y 8.1 en versiones an... • https://packetstorm.news/files/id/133711 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.4EPSS: 0%CPEs: 8EXPL: 0CVE-2015-5369
https://notcve.org/view.php?id=CVE-2015-5369
11 Aug 2015 — Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message. Vulnerabilidad en Pulse Connect Secure (también conocido como PCS y anteriormen... • http://kb.juniper.net/InfoCenter/index?page=content&id=TSB16756 • CWE-17: DEPRECATED: Code CWE-20: Improper Input Validation •