cvelistv5 - cve-2014-3812

CVE-2014-3812 (GCVE-0-2014-3812)

Vulnerability from cvelistv5 – Published: 2014-06-13 14:00 – Updated: 2024-08-06 10:57

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

http://kb.juniper.net/InfoCenter/index?page=conte…

x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:57:17.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-06-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-06-13T13:57:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3812",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3812",
    "datePublished": "2014-06-13T14:00:00",
    "dateReserved": "2014-05-21T00:00:00",
    "dateUpdated": "2024-08-06T10:57:17.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:ive_os:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7F2DEC8-F096-4519-B194-2D1B0FFB8D0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:ive_os:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"536AF492-C6FF-4C5F-A5DF-DA14DFE8A41F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:unified_access_control_software:4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9385034-54D6-4EA1-953C-3F1A32FB8B7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:unified_access_control_software:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98D9A201-54F7-4CAE-B3B8-0BEC64DAA696\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:fips_infranet_controller_6500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4B171E2-3E7D-42CE-8F16-0C232222EC63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80CC7A54-95DD-4C60-8A99-21F800616784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B68C4310-771E-4E8F-9C62-6EBE233FCB92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55331F37-6F9B-48A8-BBB3-BE9EBF4C2B3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"528028F3-3F3F-4354-A1D7-2EF66BA27CEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:infranet_controller_4000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D39E3026-7E64-4201-8801-5138C52EA3BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:infranet_controller_4500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1220A6C-A397-4BDD-A7D1-BF16BC35CE4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:infranet_controller_6000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"602D3D3E-6859-4E6D-AF61-D58D26C78E65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:infranet_controller_6500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4384E5A3-9D09-4340-943A-BB3408D85B8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EE557B9-DF6D-4C20-98BE-E934D187CCFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB174F88-B643-4338-BCD6-A9CD0EDB54A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"115C8834-8BD1-4561-8B98-AE29E3B9C1C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54C5F933-61BB-40EA-9ADC-C22CFE8F9D1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82E5E8BD-68B9-4C94-A1F0-3F5C3EC7620A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"641091CF-F671-4AD7-B10F-E50497AC462B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42FB27DD-D685-4D5E-8DAF-7A34DE33AB59\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network.\"}, {\"lang\": \"es\", \"value\": \"Los dispositivos Juniper Junos Pulse Secure Access Service (SSL VPN) con IVE OS anterior a 7.4r5 y 8.x anterior a 8.0r1 y Junos Pulse Access Control Service (UAC) anterior a 4.4r5 y 5.x anterior a 5.0r1 habilitan suites de cifrado con algoritmos de codificaci\\u00f3n d\\u00e9biles, lo que facilita a atacantes remotos obtener informaci\\u00f3n sensible mediante la captura de trafico de red.\"}]",
      "id": "CVE-2014-3812",
      "lastModified": "2024-11-21T02:08:54.057",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-06-13T14:55:16.040",
      "references": "[{\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-310\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-3812\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-06-13T14:55:16.040\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos Juniper Junos Pulse Secure Access Service (SSL VPN) con IVE OS anterior a 7.4r5 y 8.x anterior a 8.0r1 y Junos Pulse Access Control Service (UAC) anterior a 4.4r5 y 5.x anterior a 5.0r1 habilitan suites de cifrado con algoritmos de codificaci\u00f3n d\u00e9biles, lo que facilita a atacantes remotos obtener informaci\u00f3n sensible mediante la captura de trafico de red.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:ive_os:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7F2DEC8-F096-4519-B194-2D1B0FFB8D0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:ive_os:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"536AF492-C6FF-4C5F-A5DF-DA14DFE8A41F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:unified_access_control_software:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9385034-54D6-4EA1-953C-3F1A32FB8B7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:unified_access_control_software:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98D9A201-54F7-4CAE-B3B8-0BEC64DAA696\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:fips_infranet_controller_6500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B171E2-3E7D-42CE-8F16-0C232222EC63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80CC7A54-95DD-4C60-8A99-21F800616784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B68C4310-771E-4E8F-9C62-6EBE233FCB92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55331F37-6F9B-48A8-BBB3-BE9EBF4C2B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528028F3-3F3F-4354-A1D7-2EF66BA27CEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:infranet_controller_4000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D39E3026-7E64-4201-8801-5138C52EA3BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:infranet_controller_4500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1220A6C-A397-4BDD-A7D1-BF16BC35CE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:infranet_controller_6000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"602D3D3E-6859-4E6D-AF61-D58D26C78E65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:infranet_controller_6500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4384E5A3-9D09-4340-943A-BB3408D85B8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EE557B9-DF6D-4C20-98BE-E934D187CCFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB174F88-B643-4338-BCD6-A9CD0EDB54A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"115C8834-8BD1-4561-8B98-AE29E3B9C1C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54C5F933-61BB-40EA-9ADC-C22CFE8F9D1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82E5E8BD-68B9-4C94-A1F0-3F5C3EC7620A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641091CF-F671-4AD7-B10F-E50497AC462B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42FB27DD-D685-4D5E-8DAF-7A34DE33AB59\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2014-3812

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-3812

Aliases

CVE-2014-3812

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-3812",
    "description": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network.",
    "id": "GSD-2014-3812"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-3812"
      ],
      "details": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network.",
      "id": "GSD-2014-3812",
      "modified": "2023-12-13T01:22:53.034761Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-3812",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:unified_access_control_software:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:unified_access_control_software:4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:ive_os:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:ive_os:7.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_4000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_6500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_infranet_controller_6500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3812"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-310"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-06-16T13:26Z",
      "publishedDate": "2014-06-13T14:55Z"
    }
  }
}

FKIE_CVE-2014-3812

Vulnerability from fkie_nvd - Published: 2014-06-13 14:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10628	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10628	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	ive_os	7.4
juniper	ive_os	8.0
juniper	unified_access_control_software	4.4
juniper	unified_access_control_software	5.0
juniper	fips_infranet_controller_6500	-
juniper	fips_secure_access_4000	-
juniper	fips_secure_access_4500	-
juniper	fips_secure_access_6000	-
juniper	fips_secure_access_6500	-
juniper	infranet_controller_4000	-
juniper	infranet_controller_4500	-
juniper	infranet_controller_6000	-
juniper	infranet_controller_6500	-
juniper	mag2600_gateway	-
juniper	mag4610_gateway	-
juniper	mag6610_gateway	-
juniper	mag6611_gateway	-
juniper	secure_access_2500	-
juniper	secure_access_4500	-
juniper	secure_access_700	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:ive_os:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F2DEC8-F096-4519-B194-2D1B0FFB8D0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:ive_os:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "536AF492-C6FF-4C5F-A5DF-DA14DFE8A41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:unified_access_control_software:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9385034-54D6-4EA1-953C-3F1A32FB8B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:unified_access_control_software:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "98D9A201-54F7-4CAE-B3B8-0BEC64DAA696",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:fips_infranet_controller_6500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4B171E2-3E7D-42CE-8F16-0C232222EC63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80CC7A54-95DD-4C60-8A99-21F800616784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68C4310-771E-4E8F-9C62-6EBE233FCB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55331F37-6F9B-48A8-BBB3-BE9EBF4C2B3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528028F3-3F3F-4354-A1D7-2EF66BA27CEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:infranet_controller_4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D39E3026-7E64-4201-8801-5138C52EA3BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:infranet_controller_4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1220A6C-A397-4BDD-A7D1-BF16BC35CE4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:infranet_controller_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "602D3D3E-6859-4E6D-AF61-D58D26C78E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:infranet_controller_6500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4384E5A3-9D09-4340-943A-BB3408D85B8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE557B9-DF6D-4C20-98BE-E934D187CCFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB174F88-B643-4338-BCD6-A9CD0EDB54A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "115C8834-8BD1-4561-8B98-AE29E3B9C1C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "54C5F933-61BB-40EA-9ADC-C22CFE8F9D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E5E8BD-68B9-4C94-A1F0-3F5C3EC7620A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "641091CF-F671-4AD7-B10F-E50497AC462B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42FB27DD-D685-4D5E-8DAF-7A34DE33AB59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network."
    },
    {
      "lang": "es",
      "value": "Los dispositivos Juniper Junos Pulse Secure Access Service (SSL VPN) con IVE OS anterior a 7.4r5 y 8.x anterior a 8.0r1 y Junos Pulse Access Control Service (UAC) anterior a 4.4r5 y 5.x anterior a 5.0r1 habilitan suites de cifrado con algoritmos de codificaci\u00f3n d\u00e9biles, lo que facilita a atacantes remotos obtener informaci\u00f3n sensible mediante la captura de trafico de red."
    }
  ],
  "id": "CVE-2014-3812",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-06-13T14:55:16.040",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-J6F4-5GGJ-5X99

Vulnerability from github – Published: 2022-05-17 04:42 – Updated: 2022-05-17 04:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-3812"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-06-13T14:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network.",
  "id": "GHSA-j6f4-5ggj-5x99",
  "modified": "2022-05-17T04:42:15Z",
  "published": "2022-05-17T04:42:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3812"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2014-AVI-271

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	FIPS SA4000
N/A	N/A	IC4000
N/A	N/A	SA700
N/A	N/A	IC6500
N/A	N/A	MAG6611
N/A	N/A	FIPS SA6500
N/A	N/A	NetScreen Firewalls
N/A	N/A	SA2500
N/A	N/A	FIPS SA6000
N/A	N/A	IC4500
N/A	N/A	Junos WebApp Secure
N/A	N/A	SA6500
N/A	N/A	SA4500
N/A	N/A	MAG6610
N/A	N/A	FIPS IC6500
N/A	N/A	MAG4610
N/A	N/A	MAG2600
N/A	N/A	FIPS SA4500
N/A	N/A	IC6000

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10631 du 11 juin 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10630 du 11 juin 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10628 du 11 juin 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10632 du 11 juin 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FIPS SA4000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC4000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA700",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG6611",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS SA6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NetScreen Firewalls",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA2500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS SA6000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC4500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Junos WebApp Secure",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA4500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG6610",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS IC6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG4610",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG2600",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS SA4500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC6000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3814"
    },
    {
      "name": "CVE-2013-2094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2094"
    },
    {
      "name": "CVE-2014-3813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3813"
    },
    {
      "name": "CVE-2014-3812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3812"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-271",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-06-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10631 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10631"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10630 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10630"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10628 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10632 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10632"
    }
  ]
}

CERTFR-2014-AVI-271

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	FIPS SA4000
N/A	N/A	IC4000
N/A	N/A	SA700
N/A	N/A	IC6500
N/A	N/A	MAG6611
N/A	N/A	FIPS SA6500
N/A	N/A	NetScreen Firewalls
N/A	N/A	SA2500
N/A	N/A	FIPS SA6000
N/A	N/A	IC4500
N/A	N/A	Junos WebApp Secure
N/A	N/A	SA6500
N/A	N/A	SA4500
N/A	N/A	MAG6610
N/A	N/A	FIPS IC6500
N/A	N/A	MAG4610
N/A	N/A	MAG2600
N/A	N/A	FIPS SA4500
N/A	N/A	IC6000

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10631 du 11 juin 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10630 du 11 juin 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10628 du 11 juin 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10632 du 11 juin 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FIPS SA4000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC4000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA700",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG6611",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS SA6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NetScreen Firewalls",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA2500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS SA6000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC4500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Junos WebApp Secure",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "SA4500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG6610",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS IC6500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG4610",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "MAG2600",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "FIPS SA4500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "IC6000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3814"
    },
    {
      "name": "CVE-2013-2094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2094"
    },
    {
      "name": "CVE-2014-3813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3813"
    },
    {
      "name": "CVE-2014-3812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3812"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-271",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-06-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10631 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10631"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10630 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10630"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10628 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10628"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10632 du 11 juin 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10632"
    }
  ]
}

VAR-201406-0373

Vulnerability from variot - Updated: 2023-12-18 13:39

The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network. Successfully exploiting this issue in conjunction with other latent vulnerabilities may allow attackers to gain access to sensitive information that may aid in further attacks. The former is a client that supports remote and mobile users to access corporate resources with various Web devices. The latter is a standards-based, scalable network access control solution. A remote attacker could exploit this vulnerability to obtain sensitive information by sniffing the network

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201406-0373",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "unified access control software",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "5.0"
      },
      {
        "model": "unified access control software",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "4.4"
      },
      {
        "model": "ive os",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "8.0"
      },
      {
        "model": "ive os",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "7.4"
      },
      {
        "model": "secure access 4500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 4500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "mag4610 gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "secure access 2500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 4000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "secure access 700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips secure access 4000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips infranet controller 6500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 6000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 6500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "mag2600 gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "mag6610 gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "mag6611 gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips secure access 4500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips secure access 6500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips secure access 6000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 6500",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "secure access 700",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips secure access 4000",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "ive os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "8.x"
      },
      {
        "model": "ive os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "8.0r1"
      },
      {
        "model": "infranet controller 4000",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "secure access 6500",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 6500 fips",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips secure access 6000",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 4500",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "mag4610 gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos pulse access control service",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "5.0r1"
      },
      {
        "model": "mag2600 gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "mag6611 gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "secure access 4500",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "infranet controller 6000",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "mag6610 gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos pulse access control service",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "5.x"
      },
      {
        "model": "fips secure access 6500",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "secure access 2500",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "fips secure access 4500",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "secure access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "700"
      },
      {
        "model": "secure access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "4500"
      },
      {
        "model": "secure access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "2500"
      },
      {
        "model": "mag6611 gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "0"
      },
      {
        "model": "mag6610 gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "0"
      },
      {
        "model": "mag4610 gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "0"
      },
      {
        "model": "mag2600 gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "0"
      },
      {
        "model": "infranet controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "6500"
      },
      {
        "model": "infranet controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "6000"
      },
      {
        "model": "infranet controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "4500"
      },
      {
        "model": "infranet controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "4000"
      },
      {
        "model": "fips secure access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "6500"
      },
      {
        "model": "fips secure access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "6000"
      },
      {
        "model": "fips secure access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "4500"
      },
      {
        "model": "fips secure access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "4000"
      },
      {
        "model": "fips infranet controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "6500-"
      },
      {
        "model": "junos pulse access control service 5.0r1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos pulse access control service 4.4r5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "ive os 8.0r1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "ive os 7.4r5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "68192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:unified_access_control_software:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:unified_access_control_software:4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:ive_os:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:ive_os:7.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_4000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_6500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_infranet_controller_6500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:infranet_controller_6000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "68192"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-3812",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2014-3812",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-71752",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2014-3812",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201406-307",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-71752",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71752"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network. \nSuccessfully exploiting this issue in conjunction with other latent vulnerabilities may allow attackers to gain access to sensitive information that may aid in further attacks. The former is a client that supports remote and mobile users to access corporate resources with various Web devices. The latter is a standards-based, scalable network access control solution. A remote attacker could exploit this vulnerability to obtain sensitive information by sniffing the network",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "db": "BID",
        "id": "68192"
      },
      {
        "db": "VULHUB",
        "id": "VHN-71752"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-3812",
        "trust": 2.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA10628",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "68192",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-71752",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71752"
      },
      {
        "db": "BID",
        "id": "68192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ]
  },
  "id": "VAR-201406-0373",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71752"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:39:26.126000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10628",
        "trust": 0.8,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10628"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-310",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71752"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10628"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3812"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3812"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.1,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10628"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71752"
      },
      {
        "db": "BID",
        "id": "68192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-71752"
      },
      {
        "db": "BID",
        "id": "68192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-06-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-71752"
      },
      {
        "date": "2014-06-13T00:00:00",
        "db": "BID",
        "id": "68192"
      },
      {
        "date": "2014-06-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "date": "2014-06-13T14:55:16.040000",
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "date": "2014-06-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-06-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-71752"
      },
      {
        "date": "2014-06-13T00:00:00",
        "db": "BID",
        "id": "68192"
      },
      {
        "date": "2014-06-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      },
      {
        "date": "2014-06-16T13:26:01.637000",
        "db": "NVD",
        "id": "CVE-2014-3812"
      },
      {
        "date": "2014-06-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Junos Pulse Secure Access Service Device  IVE OS and  Junos Pulse Access Control Service Vulnerability in which important information is obtained",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002928"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "encryption problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201406-307"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-3812 (GCVE-0-2014-3812)

GSD-2014-3812

FKIE_CVE-2014-3812

GHSA-J6F4-5GGJ-5X99

CERTFR-2014-AVI-271

Solution

CERTFR-2014-AVI-271

Solution

VAR-201406-0373

Tags

Sightings

Nomenclature