Search criteria
1 vulnerability found for pcs6500 by juniper
VAR-201508-0201
Vulnerability from variot - Updated: 2025-04-13 23:37Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. http://cwe.mitre.org/data/definitions/17.htmlSkillfully crafted by a third party Finished Man-in-the-middle attacks via messages (man-in-the-middle attack) May be executed. Pulse Connect Secure (also known as PCS, formerly known as Juniper PCS) PSC6000, PCS6500, MAG PSC360 and PPS are all products of American Pulse Secure company. PCS is a set of SSL VPN solutions. PPS is a set of NAC and BYOD solutions. There are security vulnerabilities in several Pulse Secure PCS products. The following products and versions are affected: Pulse Secure PCS PSC6000, PCS6500, MAG PSC360 Version 8.1, Version 8.0, Version 7.4, Version 7.1, PPS Version 5.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0201",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "pcs6500",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "pulse policy secure",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "5.1 (mag psc360)"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.4r13.5"
},
{
"model": "pulse policy secure",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "5.0r13"
},
{
"model": "pulse connect secure",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0r13"
},
{
"model": "mag psc360",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "pulse policy secure",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "5.1r5"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "7.1r22.2"
},
{
"model": "psc6000",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "pulse connect secure",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "pulse connect secure",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.1r5"
},
{
"model": "pulse connect secure",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "pulse connect secure",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "pulse policy secure",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "5.0 (mag psc360)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-052"
},
{
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:juniper:mag_pcs360",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:pcs6500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:juniper:pcs6000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:juniper:pulse_connect_secure",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:juniper:pulse_policy_secure",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
}
]
},
"cve": "CVE-2015-5369",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2015-5369",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-83330",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-5369",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-5369",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201508-052",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-83330",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83330"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-052"
},
{
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message. Supplementary information : CWE Vulnerability type by CWE-17: Code ( code ) Has been identified. http://cwe.mitre.org/data/definitions/17.htmlSkillfully crafted by a third party Finished Man-in-the-middle attacks via messages (man-in-the-middle attack) May be executed. Pulse Connect Secure (also known as PCS, formerly known as Juniper PCS) PSC6000, PCS6500, MAG PSC360 and PPS are all products of American Pulse Secure company. PCS is a set of SSL VPN solutions. PPS is a set of NAC and BYOD solutions. There are security vulnerabilities in several Pulse Secure PCS products. The following products and versions are affected: Pulse Secure PCS PSC6000, PCS6500, MAG PSC360 Version 8.1, Version 8.0, Version 7.4, Version 7.1, PPS Version 5.1",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5369"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"db": "VULHUB",
"id": "VHN-83330"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECTRACK",
"id": "1033166",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2015-5369",
"trust": 2.5
},
{
"db": "PULSESECURE",
"id": "SA40004",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004041",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201508-052",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-83330",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83330"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-052"
},
{
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"id": "VAR-201508-0201",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83330"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:37:31.593000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SA40004",
"trust": 0.8,
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40004"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
},
{
"problemtype": "CWE-17",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83330"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id/1033166"
},
{
"trust": 1.7,
"url": "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa40004"
},
{
"trust": 1.7,
"url": "https://vivaldi.net/en-us/blogs/entry/the-poodle-has-friends"
},
{
"trust": 1.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=tsb16756"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5369"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5369"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=tsb16756"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83330"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-052"
},
{
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-83330"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-052"
},
{
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-11T00:00:00",
"db": "VULHUB",
"id": "VHN-83330"
},
{
"date": "2015-08-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"date": "2015-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-052"
},
{
"date": "2015-08-11T14:59:12.710000",
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-11T00:00:00",
"db": "VULHUB",
"id": "VHN-83330"
},
{
"date": "2015-08-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004041"
},
{
"date": "2015-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-052"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-5369"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-052"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Pulse Connect Secure Vulnerabilities in products that allow man-in-the-middle attacks",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004041"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-052"
}
],
"trust": 0.6
}
}