CVE-2014-3824
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting (XSS) vulnerability in the web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vulnerabilidad de XSS en el servidor web en los dispositivos Juniper Junos Pulse Secure Access Service (SSL VPN) con IVE OS 8.0 anterior a 8.0r6, 7.4 anterior a 7.4r13, y 7.1 anterior a 7.1r20 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-05-21 CVE Reserved
- 2014-09-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/69804 | Vdb Entry | |
| https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10646 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r1 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r1.1 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r1.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r2 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r2" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r3 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r4 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r5 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r5" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r6 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r6" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r7 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r7" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r8 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r8" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r9 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r9" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r10 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r10" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r11 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r11" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r12 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r12" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r13 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r13" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r14 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r14" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.1r15 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.1r15" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.4 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.4" | r1.0 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.4 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.4" | r2.0 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.4 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.4" | r3.0 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 7.4 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "7.4" | r4.0 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Pulse Secure Access Service Search vendor "Juniper" for product "Junos Pulse Secure Access Service" | 8.0 Search vendor "Juniper" for product "Junos Pulse Secure Access Service" and version "8.0" | - |
Affected
| ||||||