Permissions, Privileges, and Access Controls in Ivanti Connect Secure (formerly Pulse Connect Secure) - CVE-2015-7323
Published: October 5, 2015 / Updated: August 9, 2020
Vulnerability identifier: #VU40642
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2015-7323
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Ivanti
Affected software:
Ivanti Connect Secure (formerly Pulse Connect Secure)
Ivanti Connect Secure (formerly Pulse Connect Secure)
Detailed vulnerability description
The vulnerability allows a remote #AU# to gain access to sensitive information.
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar.
How to mitigate CVE-2015-7323
Install update from vendor's website.
Sources
- http://seclists.org/fulldisclosure/2015/Sep/98
- http://www.securitytracker.com/id/1033684
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054
- https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html
- https://profundis-labs.com/advisories/CVE-2015-7323.txt