var-201308-0003
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter. Junos Pulse Secure Access Service (SSL VPN) is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks may also be possible. The client supports remote and mobile users to access enterprise resources with various web devices. The vulnerability exists in the following product versions: versions prior to 7.1r13, versions prior to 7.2r7, versions prior to 7.3r2. -------------------------------------------------------------------------------
| Juniper Secure Access XSS Vulnerability|
Summary
Juniper Secure Access software has reflected XSS vulnerability
CVE number: CVE-2012-5460 PSN-2013-03-874 Impact: Low
Vendor homepage: http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view
Vendor notified: 06/06/2012
Vendor fixed: 12/12/2012
Affected Products
Juniper SA (IVE OS) to versions prior to 7.1r13, 7.2r7, 7.3r2 .
Details
In order to exploit this vulnerability , the client should authenticate to SSLVPN service.The vulnerable parameter exists on help page of IVE user web interface.
Effected parameter: WWHSearchWordsText
Impact
Execution of arbitrary script code in a user's browser during an authenticated session.
Solution
Upgrade to 7.1r13, 7.2r7, 7.3r2, or higher.
Twitter @pazwant
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0003",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ive os",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "ive os",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "ive os",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "secure access virtual appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "fips secure access 4500",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 700",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 2000",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 4500",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "mag6610 gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 2500",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "mag2600 gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "mag6611 gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "fips secure access 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 6500",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "fips secure access 6500",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "fips secure access 4000",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 4000",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "mag4610 gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": null
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.2r7"
},
{
"model": "secure access 700",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 6000",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "fips secure access 4000",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "ive os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.3.x"
},
{
"model": "secure access 6500",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "fips secure access 6000",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 4000",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "mag4610 gateway",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "mag2600 gateway",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "mag6611 gateway",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 4500",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.3r2"
},
{
"model": "mag6610 gateway",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 2000",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "secure access virtual appliance",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "ive os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.2.x"
},
{
"model": "fips secure access 6500",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "secure access 2500",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "fips secure access 4500",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos pulse secure access service sa700",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service sa6500",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service sa6000",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service sa4500",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service sa4000",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service sa2500",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service sa2000",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service mag6611",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service mag6610",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service mag4610",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service mag2600",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service fips sa6500",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service fips sa6000",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service fips sa4500",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos pulse secure access service fips sa4000",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "61399"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-518"
},
{
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:juniper:ive_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:fips_secure_access_4000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:fips_secure_access_4500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:fips_secure_access_6000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:fips_secure_access_6500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:mag2600_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:mag4610_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:mag6610_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:mag6611_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:juniper:secure_access_2000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:secure_access_2500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:secure_access_4000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:secure_access_4500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:secure_access_6000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:secure_access_6500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:secure_access_700",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:juniper:secure_access_virtual_appliance",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "61399"
}
],
"trust": 0.3
},
"cve": "CVE-2012-5460",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-5460",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-58741",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-5460",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-5460",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-518",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-58741",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58741"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-518"
},
{
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter. Junos Pulse Secure Access Service (SSL VPN) is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. \nAttacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks may also be possible. The client supports remote and mobile users to access enterprise resources with various web devices. The vulnerability exists in the following product versions: versions prior to 7.1r13, versions prior to 7.2r7, versions prior to 7.3r2. -------------------------------------------------------------------------------\n\n\n| Juniper Secure Access XSS Vulnerability|\n\n\n--------------------------------------------------------------------------------\n\n\nSummary\n===============\n\nJuniper Secure Access software has reflected XSS vulnerability\n\nCVE number: CVE-2012-5460\nPSN-2013-03-874\nImpact: Low\n\nVendor homepage:\nhttp://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search\u0026txtAlertNumber=PSN-2013-03-874\u0026viewMode=view\n\nVendor notified: 06/06/2012\n\nVendor fixed: 12/12/2012\n\nAffected Products\n=================\nJuniper SA (IVE OS) to versions prior to 7.1r13, 7.2r7, 7.3r2 . \n\n\nDetails\n==================\nIn order to exploit this vulnerability , the client should\nauthenticate to SSLVPN service.The vulnerable parameter exists on help\npage of IVE user web interface. \n\nEffected parameter: WWHSearchWordsText\n\nImpact\n==================\nExecution of arbitrary script code in a user\u0027s browser during an\nauthenticated session. \n\n\nSolution\n==================\nUpgrade to 7.1r13, 7.2r7, 7.3r2, or higher. \n\nTwitter @pazwant\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5460"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"db": "BID",
"id": "61399"
},
{
"db": "VULHUB",
"id": "VHN-58741"
},
{
"db": "PACKETSTORM",
"id": "122518"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-58741",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58741"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5460",
"trust": 2.9
},
{
"db": "BID",
"id": "61399",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201307-518",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20130722 JUNIPER SECURE ACCESS XSS VULNERABILITY",
"trust": 0.6
},
{
"db": "JUNIPER",
"id": "JSA10554",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "122518",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-58741",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58741"
},
{
"db": "BID",
"id": "61399"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"db": "PACKETSTORM",
"id": "122518"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-518"
},
{
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"id": "VAR-201308-0003",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-58741"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:06:45.753000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10554",
"trust": 0.8,
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10554"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58741"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html"
},
{
"trust": 1.7,
"url": "http://www.juniper.net/alerts/viewalert.jsp?actionbtn=search\u0026txtalertnumber=psn-2013-03-874\u0026viewmode=view"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5460"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5460"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/61399"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10554"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/us/en/products-services/software/junos-platform/junos-pulse/secure-access/"
},
{
"trust": 0.1,
"url": "http://www.juniper.net/alerts/viewalert.jsp?actionbtn=search\u0026amp;txtalertnumber=psn-2013-03-874\u0026amp;viewmode=view"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5460"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-58741"
},
{
"db": "BID",
"id": "61399"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"db": "PACKETSTORM",
"id": "122518"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-518"
},
{
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-58741"
},
{
"db": "BID",
"id": "61399"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"db": "PACKETSTORM",
"id": "122518"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-518"
},
{
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-01T00:00:00",
"db": "VULHUB",
"id": "VHN-58741"
},
{
"date": "2013-07-22T00:00:00",
"db": "BID",
"id": "61399"
},
{
"date": "2013-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"date": "2013-07-23T14:44:44",
"db": "PACKETSTORM",
"id": "122518"
},
{
"date": "2013-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-518"
},
{
"date": "2013-08-01T13:32:35.103000",
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-01T00:00:00",
"db": "VULHUB",
"id": "VHN-58741"
},
{
"date": "2013-07-22T00:00:00",
"db": "BID",
"id": "61399"
},
{
"date": "2013-08-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003638"
},
{
"date": "2013-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-518"
},
{
"date": "2013-08-01T13:32:35.103000",
"db": "NVD",
"id": "CVE-2012-5460"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-518"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper Secure Access of IVE OS Help page cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003638"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "122518"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-518"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…