Published: 21/12/2018 Updated: 03/10/2019

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Subscribe to Secure Access Series Ssl Vpn Sa-4000

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed. Specifically, it is possible for a readonly user to change the administrator user password by making a local copy of the /dana-admin/user/update.cgi page, changing the "user" value, and saving the changes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pulsesecure secure access series ssl vpn sa-4000 4.2
pulsesecure secure access series ssl vpn sa-4000 5.1r5

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 51R5 (build 9627) 42 Release (build 7631) This occurs because appropriate controls are not performed ...

Full Disclosure mailing list archives   By Date By Thread </form>    CVE-2018-20193 - Privilege escalation in Juniper Secure Access SSL VPN - SA-4000, 51R5 (build 9627) 42 Release (build ...

CWE-269 http://seclists.org/fulldisclosure/2018/Dec/37 http://www.securityfocus.com/bid/106289 https://nvd.nist.gov https://packetstormsecurity.com/files/150882/Juniper-Secure-Access-SSL-VPN-Privilege-Escalation.html

CVE-2018-20193

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect