CVE-2015-7323

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:P/I:N/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://profundis-labs.com/advisories/CVE-2015-7323.txt	Exploit
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054	Vendor Advisory
http://seclists.org/fulldisclosure/2015/Sep/98	Exploit
https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html	Exploit
http://www.securitytracker.com/id/1033684

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:juniper:pulse_connect_secure:8.0:::::::*
	cpe:2.3:a:juniper:pulse_connect_secure:8.1:::::::*
	cpe:2.3:a:juniper:pulse_connect_secure:7.1:::::::*
	cpe:2.3:a:juniper:pulse_connect_secure:7.4:::::::*

Information

Published : 2015-10-05 08:59

Updated : 2016-12-07 19:13

NVD link : CVE-2015-7323

Mitre link : CVE-2015-7323

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Advertisement

Products Affected

juniper

pulse_connect_secure

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://profundis-labs.com/advisories/CVE-2015-7323.txt", "name": "https://profundis-labs.com/advisories/CVE-2015-7323.txt", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054", "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://seclists.org/fulldisclosure/2015/Sep/98", "name": "20150925 CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization", "tags": ["Exploit"], "refsource": "FULLDISC"}, {"url": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html", "name": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://www.securitytracker.com/id/1033684", "name": "1033684", "tags": [], "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-7323", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-10-05T15:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:juniper:pulse_connect_secure:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:juniper:pulse_connect_secure:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:juniper:pulse_connect_secure:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:juniper:pulse_connect_secure:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-12-08T03:13Z"}