Search criteria
6 vulnerabilities found for smartpass by juniper
VAR-201412-0213
Vulnerability from variot - Updated: 2025-04-13 23:36Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors. The Juniper WLC Series is a wireless LAN controller. Juniper WLC Series Devices are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. The following releases are affected: Juniper WLC devices using releases 8.0, 9.0, and 9.1 of the WLAN software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.3.6"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.0.2.1"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.2.1"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.3.2"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0.2.2"
},
{
"model": "ringmaster",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "9.0.2.5"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0.2.1"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0.3.1"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.1"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.2.11"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.5"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.x"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.x"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.2.11"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.x"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.x"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.x"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.1"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.x"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.x"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.2.11"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.4"
},
{
"model": "ringmaster software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.x"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.x"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.4"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.x"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.5"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.x"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.0.3.5"
},
{
"model": "ringmaster software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "9.1.1"
},
{
"model": "mobile system software",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.x"
},
{
"model": "mobile system software",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0.4"
},
{
"model": "wlc series",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:juniper:mobile_system_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:juniper:ringmaster",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:juniper:smartpass",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "71612"
}
],
"trust": 0.3
},
"cve": "CVE-2014-6381",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CVE-2014-6381",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CNVD-2014-08956",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-74325",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-6381",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2014-6381",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2014-08956",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-311",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-74325",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors. The Juniper WLC Series is a wireless LAN controller. Juniper WLC Series Devices are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. The following releases are affected: Juniper WLC devices using releases 8.0, 9.0, and 9.1 of the WLAN software",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-6381"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "BID",
"id": "71612"
},
{
"db": "VULHUB",
"id": "VHN-74325"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-6381",
"trust": 3.4
},
{
"db": "BID",
"id": "71612",
"trust": 2.6
},
{
"db": "JUNIPER",
"id": "JSA10662",
"trust": 2.3
},
{
"db": "SECTRACK",
"id": "1031360",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-08956",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-74325",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "BID",
"id": "71612"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"id": "VAR-201412-0213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
}
]
},
"last_update_date": "2025-04-13T23:36:30.138000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10662",
"trust": 0.8,
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"title": "Juniper WLC Series Devices Patch for Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/52902"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10662"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/71612"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1031360"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6381"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6381"
},
{
"trust": 0.1,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10662"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"db": "VULHUB",
"id": "VHN-74325"
},
{
"db": "BID",
"id": "71612"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
},
{
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"date": "2014-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-74325"
},
{
"date": "2014-12-11T00:00:00",
"db": "BID",
"id": "71612"
},
{
"date": "2014-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"date": "2014-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-311"
},
{
"date": "2014-12-12T15:59:03.057000",
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08956"
},
{
"date": "2014-12-16T00:00:00",
"db": "VULHUB",
"id": "VHN-74325"
},
{
"date": "2014-12-11T00:00:00",
"db": "BID",
"id": "71612"
},
{
"date": "2014-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007221"
},
{
"date": "2014-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-311"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-6381"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper WLC Device WLAN Software Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007221"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-311"
}
],
"trust": 0.6
}
}
VAR-201305-0317
Vulnerability from variot - Updated: 2025-04-11 23:07Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Juniper Networks SmartPass is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. SmartPass 8.0 MR1 and 7.7 MR2 are vulnerable. Juniper Networks SmartPass is a security management application of Juniper Networks (Juniper Networks), which can implement dynamic access control on all users and devices on the wireless LAN
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201305-0317",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "7.7"
},
{
"model": "smartpass",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "mr2"
},
{
"model": "smartpass mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.7"
},
{
"model": "smartpass mr2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "smartpass mr3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "7.7"
}
],
"sources": [
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:juniper:smartpass",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ross Bushby of KRYPSYS",
"sources": [
{
"db": "BID",
"id": "59757"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3498",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-3498",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-63500",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-3498",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-3498",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201305-181",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-63500",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Juniper Networks SmartPass is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSmartPass 8.0 MR1 and 7.7 MR2 are vulnerable. Juniper Networks SmartPass is a security management application of Juniper Networks (Juniper Networks), which can implement dynamic access control on all users and devices on the wireless LAN",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3498"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "VULHUB",
"id": "VHN-63500"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3498",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "53359",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1028529",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10568",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181",
"trust": 0.7
},
{
"db": "BID",
"id": "59757",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63500",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"id": "VAR-201305-0317",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:07:17.034000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SmartPass",
"trust": 0.8,
"url": "http://www.juniper.net/jp/jp/products-services/software/security/smartpass/"
},
{
"title": "KB27375",
"trust": 0.8,
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB27375"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1028529"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/53359"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"trust": 1.0,
"url": "https://supportportal.juniper.net/jsa10568"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3498"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3498"
},
{
"trust": 0.7,
"url": "https://kb.juniper.net/kb27375"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/us/en/products-services/software/security/smartpass/"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=kb27375"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-63500"
},
{
"db": "BID",
"id": "59757"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-63500"
},
{
"date": "2013-05-08T00:00:00",
"db": "BID",
"id": "59757"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"date": "2013-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"date": "2013-05-08T23:55:01.107000",
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63500"
},
{
"date": "2013-05-08T00:00:00",
"db": "BID",
"id": "59757"
},
{
"date": "2013-05-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002610"
},
{
"date": "2013-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201305-181"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-3498"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper SmartPass WLAN Security Management Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002610"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201305-181"
}
],
"trust": 0.6
}
}
CVE-2014-6381 (GCVE-0-2014-6381)
Vulnerability from nvd – Published: 2014-12-12 15:00 – Updated: 2024-08-06 12:17
VLAI?
Summary
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:23.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-12T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71612"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6381",
"datePublished": "2014-12-12T15:00:00.000Z",
"dateReserved": "2014-09-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:17:23.935Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3498 (GCVE-0-2013-3498)
Vulnerability from nvd – Published: 2013-05-08 00:00 – Updated: 2024-08-06 16:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:54.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/53359"
},
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA10568"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-29T15:05:12.588Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/53359"
},
{
"url": "https://supportportal.juniper.net/JSA10568"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3498",
"datePublished": "2013-05-08T00:00:00.000Z",
"dateReserved": "2013-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:14:54.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6381 (GCVE-0-2014-6381)
Vulnerability from cvelistv5 – Published: 2014-12-12 15:00 – Updated: 2024-08-06 12:17
VLAI?
Summary
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:23.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-12T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71612"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when \"Proxy ARP\" or \"No Broadcast\" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71612"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10662"
},
{
"name": "1031360",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6381",
"datePublished": "2014-12-12T15:00:00.000Z",
"dateReserved": "2014-09-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T12:17:23.935Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3498 (GCVE-0-2013-3498)
Vulnerability from cvelistv5 – Published: 2013-05-08 00:00 – Updated: 2024-08-06 16:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:54.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/53359"
},
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA10568"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-29T15:05:12.588Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1028529",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1028529"
},
{
"name": "juniper-smartpass-cve20133498-xss(84110)",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84110"
},
{
"name": "53359",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/53359"
},
{
"url": "https://supportportal.juniper.net/JSA10568"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3498",
"datePublished": "2013-05-08T00:00:00.000Z",
"dateReserved": "2013-05-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:14:54.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}