Details of VAR-201306-0317

ID

VAR-201306-0317

CVE

CVE-2013-3970

TITLE

Juniper Junos Pulse Secure Access Service and Junos Pulse Access Control Service In SSL Vulnerability impersonating a server

Trust: 0.8

sources: JVNDB: JVNDB-2013-002976

DESCRIPTION

Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 through 4.1r5 include a test Certification Authority (CA) certificate in the Trusted Server CAs list, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging control over that test CA. Juniper Networks Junos Pulse Secure Access Service and Pulse Access Control Service are prone to a security vulnerability that allows attackers to perform man-in-the-middle attacks. Remote attackers can exploit this issue to gain access to sensitive information; other attacks are also possible

Trust: 1.98

sources: NVD: CVE-2013-3970 // JVNDB: JVNDB-2013-002976 // BID: 60521 // VULHUB: VHN-63972

AFFECTED PRODUCTS

vendor:	juniper	model:	junos pulse access control service	scope:	eq	version:	4.1r5	Trust: 1.6
vendor:	juniper	model:	junos pulse access control service	scope:	eq	version:	4.1r3	Trust: 1.6
vendor:	juniper	model:	junos pulse access control service	scope:	eq	version:	4.1r1.1	Trust: 1.6
vendor:	juniper	model:	junos pulse access control service	scope:	eq	version:	4.1r1	Trust: 1.6
vendor:	juniper	model:	junos pulse access control service	scope:	eq	version:	4.1r2	Trust: 1.6
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r8	Trust: 1.6
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.1r4	Trust: 1.6
vendor:	juniper	model:	junos pulse access control service	scope:	eq	version:	4.1r4	Trust: 1.6
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.1r1.1	Trust: 1.6
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r4	Trust: 1.6
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r2	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.1r5	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r7	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.1r3	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r5	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.1r2	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r6	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.1r1	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r3	Trust: 1.0
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r5.1	Trust: 1.0
vendor:	juniper	model:	junos pulse access control service	scope:	eq	version:	4.1r1 to 4.1r5 (uac os)	Trust: 0.8
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.0r2 to 7.0r8 (ive os)	Trust: 0.8
vendor:	juniper	model:	junos pulse secure access service	scope:	eq	version:	7.1r1 to 7.1r5 (ive os)	Trust: 0.8
vendor:	juniper	model:	uac os 4.1r5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	uac os 4.1r4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	uac os 4.1r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	uac os 4.1r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	uac os 4.1r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.1r5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.1r4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.1r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.1r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.1r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.0r8	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.0r7	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.0r6	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.0r5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.0r4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.0r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.0r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	uac os 4.1r6	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	ive os 7.1r7	scope:	ne	version:	-	Trust: 0.3

sources: BID: 60521 // JVNDB: JVNDB-2013-002976 // CNNVD: CNNVD-201306-243 // NVD: CVE-2013-3970

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-3970
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-3970
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201306-243
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-63972
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-3970
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-63972
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-63972 // JVNDB: JVNDB-2013-002976 // CNNVD: CNNVD-201306-243 // NVD: CVE-2013-3970

PROBLEMTYPE DATA

problemtype:

CWE-310

Trust: 1.9

sources: VULHUB: VHN-63972 // JVNDB: JVNDB-2013-002976 // NVD: CVE-2013-3970

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201306-243

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201306-243

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002976

PATCH

title:

JSA10571

url:

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10571

Trust: 0.8

sources: JVNDB: JVNDB-2013-002976

EXTERNAL IDS

db:	NVD	id:	CVE-2013-3970	Trust: 2.8
db:	JUNIPER	id:	JSA10571	Trust: 2.0
db:	JVNDB	id:	JVNDB-2013-002976	Trust: 0.8
db:	CNNVD	id:	CNNVD-201306-243	Trust: 0.7
db:	BID	id:	60521	Trust: 0.4
db:	VULHUB	id:	VHN-63972	Trust: 0.1

sources: VULHUB: VHN-63972 // BID: 60521 // JVNDB: JVNDB-2013-002976 // CNNVD: CNNVD-201306-243 // NVD: CVE-2013-3970

REFERENCES

url:	http://kb.juniper.net/jsa10571	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3970	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3970	Trust: 0.8
url:	https://www.juniper.net/in/en/products-services/software/junos-platform/junos-pulse/access-control/	Trust: 0.3
url:	http://www.juniper.net/us/en/products-services/software/junos-platform/junos-pulse/secure-access/	Trust: 0.3
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10571	Trust: 0.3

sources: VULHUB: VHN-63972 // BID: 60521 // JVNDB: JVNDB-2013-002976 // CNNVD: CNNVD-201306-243 // NVD: CVE-2013-3970

CREDITS

Reported by the vendor.

Trust: 0.3

sources: BID: 60521

SOURCES

db:	VULHUB	id:	VHN-63972
db:	BID	id:	60521
db:	JVNDB	id:	JVNDB-2013-002976
db:	CNNVD	id:	CNNVD-201306-243
db:	NVD	id:	CVE-2013-3970

LAST UPDATE DATE

2025-04-11T23:10:40.481000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-63972	date:	2013-06-13T00:00:00
db:	BID	id:	60521	date:	2013-06-12T00:00:00
db:	JVNDB	id:	JVNDB-2013-002976	date:	2013-06-14T00:00:00
db:	CNNVD	id:	CNNVD-201306-243	date:	2013-06-17T00:00:00
db:	NVD	id:	CVE-2013-3970	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-63972	date:	2013-06-13T00:00:00
db:	BID	id:	60521	date:	2013-06-12T00:00:00
db:	JVNDB	id:	JVNDB-2013-002976	date:	2013-06-14T00:00:00
db:	CNNVD	id:	CNNVD-201306-243	date:	2013-06-17T00:00:00
db:	NVD	id:	CVE-2013-3970	date:	2013-06-13T16:47:25.930