fkie_cve-2013-5650
Vulnerability from fkie_nvd
Published
2013-09-16 19:14
Modified
2025-04-11 00:51
Severity ?
Summary
Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service (UAC) 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote attackers to cause a denial of service (device hang) via a crafted packet.
References
cve@mitre.orghttp://osvdb.org/97241
cve@mitre.orghttp://secunia.com/advisories/54776Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/87063
cve@mitre.orghttps://kb.juniper.net/InfoCenter/index?cmid=no&page=content&id=JSA10590Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/97241
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/54776Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/87063
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/InfoCenter/index?cmid=no&page=content&id=JSA10590Vendor Advisory
Impacted products
Vendor Product Version
juniper junos_pulse_secure_access_service 7.1
juniper junos_pulse_secure_access_service 7.2
juniper junos_pulse_secure_access_service 7.3
juniper junos_pulse_secure_access_service 7.4
juniper junos_pulse_access_control_service 4.1
juniper junos_pulse_access_control_service 4.2
juniper junos_pulse_access_control_service 4.3
juniper junos_pulse_access_control_service 4.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE0C8957-0870-4070-AAD3-720EE46311EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B131A79C-9F00-4205-906A-1C6FFF968399",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CB3318-20E0-4D84-B95D-50F2DDB7CB56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_secure_access_service:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA1CB31-3514-480E-ADD0-B8415B379754",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E19A150B-30A6-4C86-86EE-DD010C707607",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94EE9B9-1CE6-401B-80F7-9EC080BD7B74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8A5CD74-9A06-45E2-9C5B-DDA2E3D7EE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:juniper:junos_pulse_access_control_service:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1539B994-2F09-43E8-9854-4A41585F0513",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service (UAC) 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote attackers to cause a denial of service (device hang) via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Junos Pulse Secure Access Service (IVE) 7.1 anterior a 7.1r5, 7.2 anterior a 7.2r10, 7.3 anterior a 7.3r6, and 7.4 anterior a 7.4r3 y Junos Pulse Access Control Service (UAC) 4.1 anterior a 4.1r8.1, 4.2 anterior a 4.2r5, 4.3 anterior a 4.3r6 y 4.4 anterior a 4.4r3, cuando una tarjeta hardware de aceleraci\u00f3n SSL esta habilitada, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue del dispositivo) a trav\u00e9s de un paquete manipulado."
    }
  ],
  "id": "CVE-2013-5650",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 5.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-09-16T19:14:39.367",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/97241"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54776"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87063"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?cmid=no\u0026page=content\u0026id=JSA10590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/97241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?cmid=no\u0026page=content\u0026id=JSA10590"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.