Sign-up

ID

VAR-201304-0038


CVE

CVE-2012-1038


TITLE

Juniper Networks Mobility System Software Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2012-005977

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x before 7.6.3, 7.7.x before 7.7.1, 7.5.x before 7.5.3, and other unspecified versions before 7.4 and 7.3 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter name. Mobility System Software is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Mobility System Software versions prior to 7.6.3 and 7.7.1 are vulnerable. Juniper Networks Mobility System software is Juniper cable LAN A component of a service software product. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Juniper Networks Mobility System GET Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA49587 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49587/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49587 RELEASE DATE: 2012-06-19 DISCUSS ADVISORY: http://secunia.com/advisories/49587/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49587/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49587 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Dell SecureWorks has reported a vulnerability in Juniper Networks Mobility System, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via GET parameters to aaa/wba_login.html is not properly sanitised before being returned to the user. SOLUTION: Update to version 7.6.3 or 7.7.1. PROVIDED AND/OR DISCOVERED BY: Craig Lambert, Dell SecureWorks. ORIGINAL ADVISORY: SWRX-2012-004: http://www.secureworks.com/research/advisories/SWRX-2012-004/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2012-1038 // JVNDB: JVNDB-2012-005977 // BID: 54075 // VULHUB: VHN-54319 // PACKETSTORM: 113864

AFFECTED PRODUCTS

vendor:junipermodel:networks mobility system softwarescope:eqversion:7.4

Trust: 1.6

vendor:junipermodel:networks mobility system softwarescope:eqversion:7.5.1.6

Trust: 1.6

vendor:junipermodel:networks mobility system softwarescope:eqversion:7.3

Trust: 1.6

vendor:junipermodel:networks mobility system softwarescope:eqversion:7.6

Trust: 1.6

vendor:junipermodel:networks mobility system softwarescope:eqversion:7.5

Trust: 1.6

vendor:junipermodel:networks mobility system softwarescope:eqversion:7.7

Trust: 1.6

vendor:junipermodel:mobility system softwarescope:ltversion:7.7.x

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:eqversion:7.7.1

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:eqversion:7.4 7.3

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:ltversion:7.5.x

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:eqversion:7.6.3

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:ltversion:7.6.x

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:eqversion:7.5.3

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:ltversion:unspecified version

Trust: 0.8

vendor:junipermodel:mobility system softwarescope:eqversion:7.7

Trust: 0.3

vendor:junipermodel:mobility system softwarescope:eqversion:7.6.2

Trust: 0.3

vendor:junipermodel:mobility system softwarescope:neversion:7.7.1

Trust: 0.3

vendor:junipermodel:mobility system softwarescope:neversion:7.6.3

Trust: 0.3

sources: BID: 54075 // JVNDB: JVNDB-2012-005977 // CNNVD: CNNVD-201206-358 // NVD: CVE-2012-1038

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-1038
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-1038
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201206-358
value: MEDIUM

Trust: 0.6

VULHUB: VHN-54319
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-1038
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-54319
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-54319 // JVNDB: JVNDB-2012-005977 // CNNVD: CNNVD-201206-358 // NVD: CVE-2012-1038

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-54319 // JVNDB: JVNDB-2012-005977 // NVD: CVE-2012-1038

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201206-358

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 113864 // CNNVD: CNNVD-201206-358

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-005977

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-54319

PATCH
title:Mobility System Software - Download Softwareurl:http://www.juniper.net/support/downloads/?p=mss#sw
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-005977

EXTERNAL IDS
db:NVDid:CVE-2012-1038
Trust: 2.8
db:JVNDBid:JVNDB-2012-005977
Trust: 0.8
db:CNNVDid:CNNVD-201206-358
Trust: 0.7
db:SECUNIAid:49587
Trust: 0.7
db:BIDid:54075
Trust: 0.4
db:EXPLOIT-DBid:37429
Trust: 0.1
db:VULHUBid:VHN-54319
Trust: 0.1
db:PACKETSTORMid:113864
Trust: 0.1
sources:
            
            
            VULHUB: VHN-54319 // 
            
            
            
            BID: 54075 // 
            
            
            
            JVNDB: JVNDB-2012-005977 // 
            
            
            
            PACKETSTORM: 113864 // 
            
            
            
            CNNVD: CNNVD-201206-358 // 
            
            
            
            NVD: CVE-2012-1038

REFERENCES
url:http://www.secureworks.com/cyber-threat-intelligence/advisories/swrx-2012-004/
Trust: 2.5
url:http://www.secureworks.com/advisories/swrx-2012-004/swrx-2012-004.pdf
Trust: 1.7
url:http://www.juniper.net/alerts/viewalert.jsp?actionbtn=search&txtalertnumber=psn-2012-06-611&viewmode=view
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1038
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1038
Trust: 0.8
url:http://secunia.com/advisories/49587
Trust: 0.6
url:http://www.secureworks.com/research/advisories/swrx-2012-004/
Trust: 0.4
url:http://www.juniper.net/
Trust: 0.3
url:http://www.juniper.net/alerts/viewalert.jsp?actionbtn=search&txtalertnumber=psn-2012-06-611&viewmode=view
Trust: 0.1
url:http://secunia.com/advisories/49587/#comments
Trust: 0.1
url:http://secunia.com/psi_30_beta_launch
Trust: 0.1
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=49587
Trust: 0.1
url:http://secunia.com/advisories/49587/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-54319 // 
            
            
            
            BID: 54075 // 
            
            
            
            JVNDB: JVNDB-2012-005977 // 
            
            
            
            PACKETSTORM: 113864 // 
            
            
            
            CNNVD: CNNVD-201206-358 // 
            
            
            
            NVD: CVE-2012-1038

CREDITS
Craig Lambert from Dell SecureWorks
Trust: 0.3
sources:
            
            
            BID: 54075

SOURCES
db:VULHUBid:VHN-54319
db:BIDid:54075
db:JVNDBid:JVNDB-2012-005977
db:PACKETSTORMid:113864
db:CNNVDid:CNNVD-201206-358
db:NVDid:CVE-2012-1038

LAST UPDATE DATE
2025-04-11T23:17:17.266000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-54319date:2016-09-29T00:00:00
db:BIDid:54075date:2012-06-14T00:00:00
db:JVNDBid:JVNDB-2012-005977date:2013-04-04T00:00:00
db:CNNVDid:CNNVD-201206-358date:2013-04-03T00:00:00
db:NVDid:CVE-2012-1038date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-54319date:2013-04-03T00:00:00
db:BIDid:54075date:2012-06-14T00:00:00
db:JVNDBid:JVNDB-2012-005977date:2013-04-04T00:00:00
db:PACKETSTORMid:113864date:2012-06-19T06:52:22
db:CNNVDid:CNNVD-201206-358date:2012-06-21T00:00:00
db:NVDid:CVE-2012-1038date:2013-04-03T00:55:01.117