var-201403-0329
Vulnerability from variot
Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors. Juniper Junos is prone to local privilege-escalation vulnerability. Local attackers can exploit this issue to escalate their access to root privileges. The client supports remote and mobile users to access enterprise resources with various web devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201403-0329",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ive os",
"scope": "eq",
"trust": 2.5,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "ive os",
"scope": "eq",
"trust": 2.5,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "ive os",
"scope": "eq",
"trust": 2.5,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "ive os",
"scope": "eq",
"trust": 2.5,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.3r10"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.4r8"
},
{
"model": "ive os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0r1"
},
{
"model": "ive os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "ive os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "sa700",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa6500 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa6500",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa6000 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa6000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa4500 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa4500",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa4000 fips",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa4000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa2500",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "sa2000",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag6611",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag6610",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag4610",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "mag2600",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ive os 8.0r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 7.4r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 7.3r10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 7.1r17",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "BID",
"id": "66379"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-289"
},
{
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:juniper:ive_os",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "J\u00f6rg Scheinert from Verizon GCIS",
"sources": [
{
"db": "BID",
"id": "66379"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2292",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2014-2292",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2014-01802",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-70231",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2292",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-2292",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-01802",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201403-289",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-70231",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "VULHUB",
"id": "VHN-70231"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-289"
},
{
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors. Juniper Junos is prone to local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to escalate their access to root privileges. The client supports remote and mobile users to access enterprise resources with various web devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2292"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "BID",
"id": "66379"
},
{
"db": "VULHUB",
"id": "VHN-70231"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2292",
"trust": 3.4
},
{
"db": "JUNIPER",
"id": "JSA10616",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201403-289",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-01802",
"trust": 0.6
},
{
"db": "BID",
"id": "66379",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-70231",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "VULHUB",
"id": "VHN-70231"
},
{
"db": "BID",
"id": "66379"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-289"
},
{
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"id": "VAR-201403-0329",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "VULHUB",
"id": "VHN-70231"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
}
]
},
"last_update_date": "2024-11-23T23:09:53.939000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10616",
"trust": 0.8,
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10616"
},
{
"title": "Juniper Junos Pulse Secure Access Service has an unexplained patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/44369"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10616"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2292"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2292"
},
{
"trust": 0.3,
"url": "http://www.juniper.net"
},
{
"trust": 0.1,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10616"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "VULHUB",
"id": "VHN-70231"
},
{
"db": "BID",
"id": "66379"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-289"
},
{
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"db": "VULHUB",
"id": "VHN-70231"
},
{
"db": "BID",
"id": "66379"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-289"
},
{
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"date": "2014-03-14T00:00:00",
"db": "VULHUB",
"id": "VHN-70231"
},
{
"date": "2014-03-12T00:00:00",
"db": "BID",
"id": "66379"
},
{
"date": "2014-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"date": "2014-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-289"
},
{
"date": "2014-03-14T15:55:05.713000",
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-03-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01802"
},
{
"date": "2014-03-17T00:00:00",
"db": "VULHUB",
"id": "VHN-70231"
},
{
"date": "2014-03-12T00:00:00",
"db": "BID",
"id": "66379"
},
{
"date": "2014-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001703"
},
{
"date": "2014-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201403-289"
},
{
"date": "2024-11-21T02:06:01.117000",
"db": "NVD",
"id": "CVE-2014-2292"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "66379"
},
{
"db": "CNNVD",
"id": "CNNVD-201403-289"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IVE OS of Juniper Junos Pulse Secure Access Service of Linux Network Connect Vulnerabilities that can be used to acquire privileges on clients",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001703"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201403-289"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…