CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-6956

Cross-site scripting (XSS) vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.6%

CVSS Severity

CVSS v2 Score 2.1

References

http://osvdb.org/100862
http://www.securitytracker.com/id/1029489
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10602
http://osvdb.org/100862
http://www.securitytracker.com/id/1029489
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10602

Products affected by CVE-2013-6956

Juniper » Ive Os » Version: 7.1

cpe:2.3:o:juniper:ive_os:7.1
Juniper » Ive Os » Version: 7.3

cpe:2.3:o:juniper:ive_os:7.3
Juniper » Ive Os » Version: 7.4

cpe:2.3:o:juniper:ive_os:7.4
Juniper » Ive Os » Version: 8.0

cpe:2.3:o:juniper:ive_os:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6956

Products

Pricing

Contact Us