SB2015100509 - Multiple vulnerabilities in Pulse Connect Secure



Published: October 5, 2015
Updated: August 9, 2020

Security Bulletin ID: SB2015100509
Severity: Medium
Patch available: YES
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Information disclosure

Breakdown by Severity

Medium: 50%, Low: 50%

Description

This security bulletin contains information about 2 security vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2015-7323)

The vulnerability allows a remote authenticated user to gain access to sensitive information.

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar.


2) Information disclosure (CVE-ID: CVE-2015-7322)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts to join a meeting depending on the status of the meeting, which allows remote attackers to enumerate valid meeting ids via a series of requests.
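
The response discrepancy described for CVE-2015-7322, shown as an added example that is not Pulse Connect Secure code and not part of the original bulletin: a join handler whose replies vary with meeting status, beside one that returns a single denial for every failure, with a regression check that counts the distinct replies. The meeting states, ids, messages and function names are all assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

@dataclass
class Meeting:
    status: str      # hypothetical states: scheduled / in_progress / ended
    password: str

# Constructed sample data, not real meeting ids.
MEETINGS = {
    "10000001": Meeting("scheduled", "pw-a"),
    "10000002": Meeting("in_progress", "pw-b"),
    "10000003": Meeting("ended", "pw-c"),
}
GENERIC_DENIAL = (403, "Unable to join meeting.")
_DUMMY = Meeting("ended", "unused-placeholder")

def leaky_join(meeting_id, password):
    """Weak pattern: the reply reveals whether and in what state the id exists."""
    m = MEETINGS.get(meeting_id)
    if m is None:
        return (404, "Meeting does not exist.")
    if m.status != "in_progress":
        return (403, f"Meeting is {m.status}.")
    if not hmac.compare_digest(password.encode(), m.password.encode()):
        return (403, "Wrong meeting password.")
    return (200, "Joined.")

def uniform_join(meeting_id, password):
    """Corrected pattern: every failure returns the same status and body."""
    m = MEETINGS.get(meeting_id, _DUMMY)
    # Always run the comparison so unknown ids take the same code path.
    pw_ok = hmac.compare_digest(password.encode(), m.password.encode())
    if m is _DUMMY or m.status != "in_progress" or not pw_ok:
        return GENERIC_DENIAL
    return (200, "Joined.")

def distinct_denials(handler):
    """Regression check: replies an unauthenticated caller sees for bad guesses."""
    probe_ids = list(MEETINGS) + ["99999999"]   # last id is not in MEETINGS
    return {handler(mid, "wrong-guess") for mid in probe_ids}

if __name__ == "__main__":
    print("leaky:", sorted(distinct_denials(leaky_join)))
    print("uniform:", sorted(distinct_denials(uniform_join)))
```

A handler passes the check when `distinct_denials` returns exactly one reply; more than one means the response still distinguishes meeting states.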


Remediation

Install the update from the vendor's website.