Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2291


Vulnerability Score 3.5 3.5
CVE Id CVE-2014-2291
Last Modified 01 Apr 2014 02:29:32
Published 14 Mar 2014 11:55:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE



Cross-site scripting (XSS) vulnerability in the Pulse Collaboration (Secure Meeting) user pages in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Operating System

  • Juniper Ive Os 7.1

  • Juniper Ive Os 7.3

  • Juniper Ive Os 7.4

  • Juniper Ive Os 8.0



XF - juniper-junos-cve20142291-xss(91770)

SECUNIA - 57375

Last Updated: 27 May 2016 11:04:48