ID

VAR-201309-0473


CVE

CVE-2013-5650


TITLE

Juniper Junos Pulse Secure Access Service and Junos Pulse Access Control Service Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-004161

DESCRIPTION

Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service (UAC) 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote attackers to cause a denial of service (device hang) via a crafted packet. Attackers can exploit this issue to cause denial-of-service conditions. IVE is a simple, intuitive client. UAC is a standard-based, scalable network access control solution. A denial of service vulnerability exists in versions 7.1 to 7.4 of IVE devices and versions 4.1 to 4.4 of UAC devices

Trust: 1.98

sources: NVD: CVE-2013-5650 // JVNDB: JVNDB-2013-004161 // BID: 62354 // VULHUB: VHN-65652

AFFECTED PRODUCTS

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.1

Trust: 1.6

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.1

Trust: 1.6

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.3

Trust: 1.6

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.4

Trust: 1.6

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.2

Trust: 1.6

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.2

Trust: 1.6

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.3

Trust: 1.6

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.4

Trust: 1.6

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.1r8.1

Trust: 0.8

vendor:junipermodel:junos pulse access control servicescope:ltversion:4.3

Trust: 0.8

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.4r3

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.2r10

Trust: 0.8

vendor:junipermodel:junos pulse access control servicescope:ltversion:4.4

Trust: 0.8

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.3r6

Trust: 0.8

vendor:junipermodel:junos pulse access control servicescope:ltversion:4.1

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:ltversion:7.2

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:ltversion:7.3

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.3r6

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.4r3

Trust: 0.8

vendor:junipermodel:junos pulse access control servicescope:eqversion:4.2r5

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:ltversion:7.4

Trust: 0.8

vendor:junipermodel:junos pulse access control servicescope:ltversion:4.2

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:eqversion:7.1r5

Trust: 0.8

vendor:junipermodel:junos pulse secure access servicescope:ltversion:7.1

Trust: 0.8

vendor:junipermodel:networks sa6500 fipsscope:eqversion:0

Trust: 0.3

vendor:junipermodel:networks sa6000 fipsscope:eqversion:0

Trust: 0.3

vendor:junipermodel:networks ive os 7.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:networks ive osscope:eqversion:7.1

Trust: 0.3

sources: BID: 62354 // JVNDB: JVNDB-2013-004161 // CNNVD: CNNVD-201309-234 // NVD: CVE-2013-5650

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-5650
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-5650
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201309-234
value: MEDIUM

Trust: 0.6

VULHUB: VHN-65652
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-5650
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-65652
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-65652 // JVNDB: JVNDB-2013-004161 // CNNVD: CNNVD-201309-234 // NVD: CVE-2013-5650

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-65652 // JVNDB: JVNDB-2013-004161 // NVD: CVE-2013-5650

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201309-234

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201309-234

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004161

PATCH

title:JSA10590url:https://kb.juniper.net/InfoCenter/index?cmid=no&page=content&id=JSA10590

Trust: 0.8

sources: JVNDB: JVNDB-2013-004161

EXTERNAL IDS

db:NVDid:CVE-2013-5650

Trust: 2.8

db:JUNIPERid:JSA10590

Trust: 2.0

db:SECUNIAid:54776

Trust: 1.7

db:OSVDBid:97241

Trust: 1.1

db:JVNDBid:JVNDB-2013-004161

Trust: 0.8

db:CNNVDid:CNNVD-201309-234

Trust: 0.7

db:BIDid:62354

Trust: 0.4

db:VULHUBid:VHN-65652

Trust: 0.1

sources: VULHUB: VHN-65652 // BID: 62354 // JVNDB: JVNDB-2013-004161 // CNNVD: CNNVD-201309-234 // NVD: CVE-2013-5650

REFERENCES

url:https://kb.juniper.net/infocenter/index?cmid=no&page=content&id=jsa10590

Trust: 1.9

url:http://secunia.com/advisories/54776

Trust: 1.7

url:http://osvdb.org/97241

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/87063

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5650

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5650

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?cmid=no&page=content&id=jsa10590

Trust: 0.1

sources: VULHUB: VHN-65652 // BID: 62354 // JVNDB: JVNDB-2013-004161 // CNNVD: CNNVD-201309-234 // NVD: CVE-2013-5650

CREDITS

The vendor credits Kenny Herold.

Trust: 0.3

sources: BID: 62354

SOURCES

db:VULHUBid:VHN-65652
db:BIDid:62354
db:JVNDBid:JVNDB-2013-004161
db:CNNVDid:CNNVD-201309-234
db:NVDid:CVE-2013-5650

LAST UPDATE DATE

2025-04-11T23:09:49.960000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-65652date:2017-08-29T00:00:00
db:BIDid:62354date:2013-09-12T00:00:00
db:JVNDBid:JVNDB-2013-004161date:2013-09-18T00:00:00
db:CNNVDid:CNNVD-201309-234date:2013-09-25T00:00:00
db:NVDid:CVE-2013-5650date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:VULHUBid:VHN-65652date:2013-09-16T00:00:00
db:BIDid:62354date:2013-09-12T00:00:00
db:JVNDBid:JVNDB-2013-004161date:2013-09-18T00:00:00
db:CNNVDid:CNNVD-201309-234date:2013-09-25T00:00:00
db:NVDid:CVE-2013-5650date:2013-09-16T19:14:39.367