VAR-201309-0473
Vulnerability from variot - Updated: 2023-12-18 13:53Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service (UAC) 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote attackers to cause a denial of service (device hang) via a crafted packet. Attackers can exploit this issue to cause denial-of-service conditions. IVE is a simple, intuitive client. UAC is a standard-based, scalable network access control solution. A denial of service vulnerability exists in versions 7.1 to 7.4 of IVE devices and versions 4.1 to 4.4 of UAC devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0473",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "4.1r8.1"
},
{
"model": "junos pulse access control service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "4.4r3"
},
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.2r10"
},
{
"model": "junos pulse access control service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "4.3r6"
},
{
"model": "junos pulse access control service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "junos pulse secure access service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos pulse secure access service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.3r6"
},
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.4r3"
},
{
"model": "junos pulse access control service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "4.2r5"
},
{
"model": "junos pulse secure access service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "junos pulse access control service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "junos pulse secure access service",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.1r5"
},
{
"model": "junos pulse secure access service",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "networks sa6500 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "networks sa6000 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "networks ive os 7.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "networks ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
}
],
"sources": [
{
"db": "BID",
"id": "62354"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5650"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor credits Kenny Herold.",
"sources": [
{
"db": "BID",
"id": "62354"
}
],
"trust": 0.3
},
"cve": "CVE-2013-5650",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 5.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-5650",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "VHN-65652",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-5650",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-234",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-65652",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65652"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service (UAC) 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote attackers to cause a denial of service (device hang) via a crafted packet. \nAttackers can exploit this issue to cause denial-of-service conditions. IVE is a simple, intuitive client. UAC is a standard-based, scalable network access control solution. A denial of service vulnerability exists in versions 7.1 to 7.4 of IVE devices and versions 4.1 to 4.4 of UAC devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"db": "BID",
"id": "62354"
},
{
"db": "VULHUB",
"id": "VHN-65652"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5650",
"trust": 2.8
},
{
"db": "JUNIPER",
"id": "JSA10590",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "54776",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "97241",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-234",
"trust": 0.7
},
{
"db": "BID",
"id": "62354",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-65652",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65652"
},
{
"db": "BID",
"id": "62354"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
]
},
"id": "VAR-201309-0473",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-65652"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:53:28.438000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10590",
"trust": 0.8,
"url": "https://kb.juniper.net/infocenter/index?cmid=no\u0026page=content\u0026id=jsa10590"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65652"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"db": "NVD",
"id": "CVE-2013-5650"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://kb.juniper.net/infocenter/index?cmid=no\u0026page=content\u0026id=jsa10590"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/54776"
},
{
"trust": 1.1,
"url": "http://osvdb.org/97241"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87063"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5650"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5650"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.1,
"url": "https://kb.juniper.net/infocenter/index?cmid=no\u0026amp;page=content\u0026amp;id=jsa10590"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65652"
},
{
"db": "BID",
"id": "62354"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-65652"
},
{
"db": "BID",
"id": "62354"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-16T00:00:00",
"db": "VULHUB",
"id": "VHN-65652"
},
{
"date": "2013-09-12T00:00:00",
"db": "BID",
"id": "62354"
},
{
"date": "2013-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"date": "2013-09-16T19:14:39.367000",
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"date": "2013-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-65652"
},
{
"date": "2013-09-12T00:00:00",
"db": "BID",
"id": "62354"
},
{
"date": "2013-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004161"
},
{
"date": "2017-08-29T01:33:50.090000",
"db": "NVD",
"id": "CVE-2013-5650"
},
{
"date": "2013-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper Junos Pulse Secure Access Service and Junos Pulse Access Control Service Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004161"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-234"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…