Search criteria
8 vulnerabilities found for smartpass by juniper
VAR-201305-0317
Vulnerability from variot - Updated: 2024-02-01 23:06Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Juniper Networks SmartPass is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. SmartPass 8.0 MR1 and 7.7 MR2 are vulnerable. Juniper Networks SmartPass is a security management application of Juniper Networks (Juniper Networks), which can implement dynamic access control on all users and devices on the wireless LAN
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201305-0317",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.7"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "mr2"
},
{
"model": "smartpass mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.7"
},
{
"model": "smartpass mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass mr3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "7.7"
}
],
"sources": [
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:smartpass:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:smartpass:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ross Bushby of KRYPSYS",
"sources": [
{
"db": "BID",
"id": "59757"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3498",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-3498",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-63500",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3498",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201305-181",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-63500",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Juniper Networks SmartPass is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSmartPass 8.0 MR1 and 7.7 MR2 are vulnerable. Juniper Networks SmartPass is a security management application of Juniper Networks (Juniper Networks), which can implement dynamic access control on all users and devices on the wireless LAN",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3498"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "VULHUB",
"id": "VHN-63500"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3498",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "53359",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1028529",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10568",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181",
"trust": 0.7
},
{
"db": "BID",
"id": "59757",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63500",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"id": "VAR-201305-0317",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-01T23:06:53.471000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartPass",
"trust": 0.8,
"url": "http://www.juniper.net/jp/jp/products-services/software/security/smartpass/"
},
{
"title": "KB27375",
"trust": 0.8,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=kb27375"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1028529"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/53359"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"trust": 1.0,
"url": "https://supportportal.juniper.net/jsa10568"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3498"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3498"
},
{
"trust": 0.7,
"url": "https://kb.juniper.net/kb27375"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/us/en/products-services/software/security/smartpass/"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=kb27375"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-63500"
},
{
"date": "2013-05-08T00:00:00",
"db": "BID",
"id": "59757"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"date": "2013-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"date": "2013-05-08T23:55:01.107000",
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63500"
},
{
"date": "2013-05-08T00:00:00",
"db": "BID",
"id": "59757"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"date": "2013-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"date": "2024-01-29T15:15:08.613000",
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper SmartPass WLAN Security Management Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
}
],
"trust": 0.6
}
}
VAR-201412-0213
Vulnerability from variot - Updated: 2023-12-18 13:48Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors. The Juniper WLC Series is a wireless LAN controller. Juniper WLC Series Devices are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. The following releases are affected: Juniper WLC devices using releases 8.0, 9.0, and 9.1 of the WLAN software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.2.1"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.2.2"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.3.2"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.3.6"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.0.2.1"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0.2.1"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0.3.1"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "9.0.2.5"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.1"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.2.11"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.5"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.x"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.x"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.2.11"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.x"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.x"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.x"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.1"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.x"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.x"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.2.11"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.4"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.x"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.x"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.4"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.x"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.5"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.x"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.5"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.1"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.x"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.4"
},
{
"model": "wlc series",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:smartpass:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:smartpass:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:smartpass:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:smartpass:8.0.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:smartpass:8.0.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:mobile_system_software:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:mobile_system_software:8.0.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:mobile_system_software:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:mobile_system_software:9.0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:mobile_system_software:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:mobile_system_software:8.0.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:ringmaster:9.0.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:ringmaster:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:ringmaster:8.0.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:ringmaster:8.0.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:ringmaster:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:ringmaster:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "71612"
}
],
"trust": 0.3
},
"cve": "CVE-2014-6381",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-6381",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CNVD-2014-08956",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-74325",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-6381",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2014-08956",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-311",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-74325",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors. The Juniper WLC Series is a wireless LAN controller. Juniper WLC Series Devices are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. The following releases are affected: Juniper WLC devices using releases 8.0, 9.0, and 9.1 of the WLAN software",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "BID",
"id": "71612"
},
{
"db": "VULHUB",
"id": "VHN-74325"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-6381",
"trust": 3.4
},
{
"db": "BID",
"id": "71612",
"trust": 2.6
},
{
"db": "JUNIPER",
"id": "JSA10662",
"trust": 2.3
},
{
"db": "SECTRACK",
"id": "1031360",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-08956",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-74325",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "BID",
"id": "71612"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
]
},
"id": "VAR-201412-0213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
}
]
},
"last_update_date": "2023-12-18T13:48:56.720000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10662",
"trust": 0.8,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10662"
},
{
"title": "Juniper WLC Series Devices Patch for Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/52902"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10662"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/71612"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1031360"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6381"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6381"
},
{
"trust": 0.1,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10662"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "BID",
"id": "71612"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-74325"
},
{
"date": "2014-12-11T00:00:00",
"db": "BID",
"id": "71612"
},
{
"date": "2014-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"date": "2014-12-12T15:59:03.057000",
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"date": "2014-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"date": "2014-12-16T00:00:00",
"db": "VULHUB",
"id": "VHN-74325"
},
{
"date": "2014-12-11T00:00:00",
"db": "BID",
"id": "71612"
},
{
"date": "2014-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"date": "2014-12-16T13:54:08.217000",
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper WLC Device WLAN Software Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
],
"trust": 0.6
}
}
FKIE_CVE-2014-6381
Vulnerability from fkie_nvd - Published: 2014-12-12 15:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | smartpass | 8.0 | |
| juniper | smartpass | 8.0.2.1 | |
| juniper | smartpass | 8.0.3.1 | |
| juniper | smartpass | 9.0 | |
| juniper | smartpass | 9.1 | |
| juniper | mobile_system_software | 8.0 | |
| juniper | mobile_system_software | 8.0.2.2 | |
| juniper | mobile_system_software | 8.0.3.6 | |
| juniper | mobile_system_software | 9.0 | |
| juniper | mobile_system_software | 9.0.2.5 | |
| juniper | mobile_system_software | 9.1 | |
| juniper | ringmaster | 8.0 | |
| juniper | ringmaster | 8.0.2.1 | |
| juniper | ringmaster | 8.0.3.2 | |
| juniper | ringmaster | 9.0 | |
| juniper | ringmaster | 9.0.2.1 | |
| juniper | ringmaster | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:smartpass:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC24E9D-9B9F-445C-B45F-2DAFB305E105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:smartpass:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6E2155-0A0E-4F83-92F6-DA8FE562D0AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:smartpass:8.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1A524BC-F18A-4503-8109-A3E382A22145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:smartpass:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C06F0E-1F1E-4E6A-98FD-409A62387F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:smartpass:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83E54C28-520F-413A-923C-52C4A17045CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:mobile_system_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2303B27-A8D2-4779-A4B4-2C62DD03E9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:mobile_system_software:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "190B5633-4ADA-44E2-9EE0-4B54CDC0031D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:mobile_system_software:8.0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "065CC012-B3F6-4F87-9DC0-5F66362DF42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:mobile_system_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "734E4638-546C-4FF8-8E4D-C73DE40A6B3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:mobile_system_software:9.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F432B82-61AF-445D-8960-1E14453E02A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:mobile_system_software:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A898DA64-65B0-4D5C-80F4-E336EF0389EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:ringmaster:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B1DAD0-C7DB-45CD-90E7-19CC572812D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:ringmaster:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA1D222-BC4A-49D1-B180-250DA9F8F363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:ringmaster:8.0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D32D86F-0BB4-4849-84E1-B7DAEC8BFCB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:ringmaster:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F72F38BE-07E4-4D2A-A6EB-4B84C3C07145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:ringmaster:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEEF5D9-FFA6-4C95-B8B3-FF33C5FDF610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:ringmaster:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83CD65A1-9C9A-4022-8401-2BC4BF9138B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
},
{
"lang": "es",
"value": "Los dispositivos Juniper WLC con versiones de Software WLAN 8.0.x anterior a 8.0.4, 9.0.x anterior a 9.0.2.11, 9.0.3.x anterior a 9.0.3.5, y 9.1.x anterior a 9.1.1, cuando las caracteristicas \u0027Proxy ARP\u0027 o \u0027No Broadcast\u0027 est\u00e1n habilitadas en una configuraci\u00f3n en cluster, permite a atacantes remotos causar una denegaci\u00f3n de servicio (desconexi\u00f3n de dispositivo) a trav\u00e9s de vectores no especificado."
}
],
"id": "CVE-2014-6381",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-12T15:59:03.057",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/71612"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1031360"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3498
Vulnerability from fkie_nvd - Published: 2013-05-08 23:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:smartpass:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB83E34-114E-47DC-BBC7-71A7AD1B4D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:smartpass:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC24E9D-9B9F-445C-B45F-2DAFB305E105",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en Juniper SmartPass WLAN Security Management v7.7 MR3 antes y antes MR2 v8.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-3498",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-05-08T23:55:01.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/53359"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"source": "cve@mitre.org",
"url": "https://supportportal.juniper.net/JSA10568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/53359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://supportportal.juniper.net/JSA10568"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-6381 (GCVE-0-2014-6381)
Vulnerability from cvelistv5 – Published: 2014-12-12 15:00 – Updated: 2024-08-06 12:17
VLAI?
Summary
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:23.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-12T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71612"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6381",
"datePublished": "2014-12-12T15:00:00",
"dateReserved": "2014-09-11T00:00:00",
"dateUpdated": "2024-08-06T12:17:23.935Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3498 (GCVE-0-2013-3498)
Vulnerability from cvelistv5 – Published: 2013-05-08 00:00 – Updated: 2024-08-06 16:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:54.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/53359"
},
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA10568"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-29T15:05:12.588587",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/53359"
},
{
"url": "https://supportportal.juniper.net/JSA10568"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3498",
"datePublished": "2013-05-08T00:00:00",
"dateReserved": "2013-05-07T00:00:00",
"dateUpdated": "2024-08-06T16:14:54.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6381 (GCVE-0-2014-6381)
Vulnerability from nvd – Published: 2014-12-12 15:00 – Updated: 2024-08-06 12:17
VLAI?
Summary
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:23.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-12T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71612"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6381",
"datePublished": "2014-12-12T15:00:00",
"dateReserved": "2014-09-11T00:00:00",
"dateUpdated": "2024-08-06T12:17:23.935Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3498 (GCVE-0-2013-3498)
Vulnerability from nvd – Published: 2013-05-08 00:00 – Updated: 2024-08-06 16:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:54.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/53359"
},
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA10568"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-29T15:05:12.588587",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/53359"
},
{
"url": "https://supportportal.juniper.net/JSA10568"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3498",
"datePublished": "2013-05-08T00:00:00",
"dateReserved": "2013-05-07T00:00:00",
"dateUpdated": "2024-08-06T16:14:54.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}