Sign-up

ID

VAR-201409-0547


CVE

CVE-2014-3811


TITLE

Windows for Juniper Installer Service Client and Junos Pulse Client Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2014-004481

DESCRIPTION

Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors. Multiple Juniper Junos Products are prone to local privilege-escalation vulnerability. Local attackers can exploit this issue to escalate their access to root privileges

Trust: 2.25

sources: NVD: CVE-2014-3811 // JVNDB: JVNDB-2014-004481 // BID: 69797 // BID: 77956 // VULHUB: VHN-71751

AFFECTED PRODUCTS

vendor:junipermodel:installer service clientscope:eqversion:7.4

Trust: 1.6

vendor:junipermodel:junos pulse clientscope:eqversion:4.0

Trust: 1.6

vendor:junipermodel:installer service clientscope:eqversion:7.3

Trust: 1.6

vendor:junipermodel:ive osscope:eqversion:7.4

Trust: 1.1

vendor:junipermodel:ive osscope:eqversion:7.1

Trust: 1.1

vendor:junipermodel:installer service clientscope:eqversion:7.2

Trust: 1.0

vendor:junipermodel:installer service clientscope:eqversion:7.1

Trust: 1.0

vendor:junipermodel:junos pulse clientscope:lteversion:4.0

Trust: 1.0

vendor:junipermodel:secure access 700scope: - version: -

Trust: 0.8

vendor:junipermodel:secure access 6000scope: - version: -

Trust: 0.8

vendor:junipermodel:fips secure access 4000scope: - version: -

Trust: 0.8

vendor:junipermodel:secure access 6500scope: - version: -

Trust: 0.8

vendor:junipermodel:fips secure access 6000scope: - version: -

Trust: 0.8

vendor:junipermodel:secure access 4000scope: - version: -

Trust: 0.8

vendor:junipermodel:mag4610 gatewayscope: - version: -

Trust: 0.8

vendor:junipermodel:mag2600 gatewayscope: - version: -

Trust: 0.8

vendor:junipermodel:mag6611 gatewayscope: - version: -

Trust: 0.8

vendor:junipermodel:secure access 4500scope: - version: -

Trust: 0.8

vendor:junipermodel:mag6610 gatewayscope: - version: -

Trust: 0.8

vendor:junipermodel:secure access 2000scope: - version: -

Trust: 0.8

vendor:junipermodel:installer service clientscope:eqversion:7.4r6

Trust: 0.8

vendor:junipermodel:fips secure access 6500scope: - version: -

Trust: 0.8

vendor:junipermodel:installer service clientscope:ltversion:7.x (windows)

Trust: 0.8

vendor:junipermodel:secure access 2500scope: - version: -

Trust: 0.8

vendor:junipermodel:fips secure access 4500scope: - version: -

Trust: 0.8

vendor:junipermodel:windows junos pulsescope:eqversion:4.0

Trust: 0.3

vendor:junipermodel:sa700scope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa6500 fipsscope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa6500scope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa6000 fipsscope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa6000scope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa4500 fipsscope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa4500scope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa4000 fipsscope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa4000scope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa2500scope:eqversion:0

Trust: 0.3

vendor:junipermodel:sa2000scope:eqversion:0

Trust: 0.3

vendor:junipermodel:mag6611scope:eqversion:0

Trust: 0.3

vendor:junipermodel:mag6610scope:eqversion:0

Trust: 0.3

vendor:junipermodel:mag4610scope:eqversion:0

Trust: 0.3

vendor:junipermodel:mag2600scope:eqversion:0

Trust: 0.3

vendor:junipermodel:ive os 7.4r8scope:neversion: -

Trust: 0.3

vendor:junipermodel:ive os 7.4r6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos pulse client r5scope:eqversion:4.0

Trust: 0.3

vendor:junipermodel:junos pulse client r4scope:eqversion:4.0

Trust: 0.3

vendor:junipermodel:junos pulse client r3scope:eqversion:4.0

Trust: 0.3

vendor:junipermodel:junos pulse client r2scope:eqversion:4.0

Trust: 0.3

vendor:junipermodel:junos pulse client r1scope:eqversion:4.0

Trust: 0.3

vendor:junipermodel:installer service client r5.0scope:eqversion:7.4

Trust: 0.3

vendor:junipermodel:installer service client r4.0scope:eqversion:7.4

Trust: 0.3

vendor:junipermodel:installer service client r3.0scope:eqversion:7.4

Trust: 0.3

vendor:junipermodel:installer service client r2.0scope:eqversion:7.4

Trust: 0.3

vendor:junipermodel:installer service client r1.0scope:eqversion:7.4

Trust: 0.3

vendor:junipermodel:installer service client r9.1scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r9.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r8.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r7.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r6.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r5.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r4.1scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r4.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r3.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r2.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r11.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r10.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r1.0scope:eqversion:7.3

Trust: 0.3

vendor:junipermodel:installer service client r9.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r8.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r5.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r4.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r3.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r2.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r12.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r11.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r10.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r1.1scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r1.0scope:eqversion:7.2

Trust: 0.3

vendor:junipermodel:installer service client r9scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r8scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r7scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r6scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r5scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r4.2scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r4.1scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r4scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r3scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r2scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r17scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r16scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r15scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r14scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r13scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r12scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r11scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r10scope:eqversion:7.1

Trust: 0.3

vendor:junipermodel:installer service client r1.1scope:eqversion:7.1

Trust: 0.3

sources: BID: 69797 // BID: 77956 // JVNDB: JVNDB-2014-004481 // CNNVD: CNNVD-201409-1107 // NVD: CVE-2014-3811

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-3811
value: HIGH

Trust: 1.0

NVD: CVE-2014-3811
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201409-1107
value: HIGH

Trust: 0.6

VULHUB: VHN-71751
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-3811
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-71751
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-71751 // JVNDB: JVNDB-2014-004481 // CNNVD: CNNVD-201409-1107 // NVD: CVE-2014-3811

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-71751 // JVNDB: JVNDB-2014-004481 // NVD: CVE-2014-3811

THREAT TYPE

local

Trust: 1.2

sources: BID: 69797 // BID: 77956 // CNNVD: CNNVD-201409-1107

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201409-1107

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-004481

PATCH
title:JSA10644url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10644
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-004481

EXTERNAL IDS
db:NVDid:CVE-2014-3811
Trust: 2.8
db:JUNIPERid:JSA10644
Trust: 2.3
db:JVNDBid:JVNDB-2014-004481
Trust: 0.8
db:CNNVDid:CNNVD-201409-1107
Trust: 0.7
db:BIDid:77956
Trust: 0.4
db:BIDid:69797
Trust: 0.3
db:VULHUBid:VHN-71751
Trust: 0.1
sources:
            
            
            VULHUB: VHN-71751 // 
            
            
            
            BID: 69797 // 
            
            
            
            BID: 77956 // 
            
            
            
            JVNDB: JVNDB-2014-004481 // 
            
            
            
            CNNVD: CNNVD-201409-1107 // 
            
            
            
            NVD: CVE-2014-3811

REFERENCES
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10644
Trust: 1.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3811
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3811
Trust: 0.8
url:http://www.juniper.net
Trust: 0.3
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10644&cat=sirt_1&actp=list
Trust: 0.3
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10644
Trust: 0.1
sources:
            
            
            VULHUB: VHN-71751 // 
            
            
            
            BID: 69797 // 
            
            
            
            BID: 77956 // 
            
            
            
            JVNDB: JVNDB-2014-004481 // 
            
            
            
            CNNVD: CNNVD-201409-1107 // 
            
            
            
            NVD: CVE-2014-3811

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 69797

SOURCES
db:VULHUBid:VHN-71751
db:BIDid:69797
db:BIDid:77956
db:JVNDBid:JVNDB-2014-004481
db:CNNVDid:CNNVD-201409-1107
db:NVDid:CVE-2014-3811

LAST UPDATE DATE
2025-04-13T23:25:22.817000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-71751date:2014-09-30T00:00:00
db:BIDid:69797date:2014-09-10T00:00:00
db:BIDid:77956date:2014-09-29T00:00:00
db:JVNDBid:JVNDB-2014-004481date:2014-10-01T00:00:00
db:CNNVDid:CNNVD-201409-1107date:2014-09-30T00:00:00
db:NVDid:CVE-2014-3811date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-71751date:2014-09-29T00:00:00
db:BIDid:69797date:2014-09-10T00:00:00
db:BIDid:77956date:2014-09-29T00:00:00
db:JVNDBid:JVNDB-2014-004481date:2014-10-01T00:00:00
db:CNNVDid:CNNVD-201409-1107date:2014-09-30T00:00:00
db:NVDid:CVE-2014-3811date:2014-09-29T14:55:08.673