- Description
- The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts to join a meeting depending on the status of the meeting, which allows remote attackers to enumerate valid meeting ids via a series of requests.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-200
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58B1967B-76D9-4E46-8E98-594684B53CC7"
},
{
"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C209D3C-C716-4A7F-9665-0C9C1DC2933F"
},
{
"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBDB9656-C040-4434-B484-31C682C55149"
},
{
"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "274B576D-5D83-4028-9732-0A394CA89FC3"
}
],
"operator": "OR"
}
]
}
]