Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 13/06/2013 Updated: 13/06/2013

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Junos Pulse Secure Access Service

Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 up to and including 7.0r8 and 7.1r1 up to and including 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 up to and including 4.1r5 include a test Certification Authority (CA) certificate in the Trusted Server CAs list, which makes it easier for man-in-the-middle malicious users to spoof SSL servers by leveraging control over that test CA.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos pulse secure access service 7.0r2
juniper junos pulse secure access service 7.0r3
juniper junos pulse secure access service 7.0r4
juniper junos pulse secure access service 7.0r8
juniper junos pulse secure access service 7.1r1
juniper junos pulse secure access service 7.1r1.1
juniper junos pulse secure access service 7.1r2
juniper junos pulse secure access service 7.0r5.1
juniper junos pulse secure access service 7.0r7
juniper junos pulse secure access service 7.1r3
juniper junos pulse secure access service 7.1r5
juniper junos pulse secure access service 7.0r5
juniper junos pulse secure access service 7.0r6
juniper junos pulse secure access service 7.1r4
juniper junos pulse access control service 4.1r1.1
juniper junos pulse access control service 4.1r2
juniper junos pulse access control service 4.1r3
juniper junos pulse access control service 4.1r4
juniper junos pulse access control service 4.1r1
juniper junos pulse access control service 4.1r5

CWE-310 http://kb.juniper.net/JSA10571 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-3970

Vulnerability Summary

References

Vulmon Search

About

Products

Connect