CVE-2014-3811 — Juniper Junos Pulse Client vulnerability

CWE-2643 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 86.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Junos Pulse Client Juniper Installer Service Client Juniper Junos OS

Timeline

PublishedSep 29

Latest updateMay 17

Description

Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶NVDjuniper/junos_pulse_client4.0+1

▶NVDjuniper/juniper_installer_service_client4 versions+3

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-xcwf-gwwm-6v7m: Juniper Installer Service (JIS) Client 7↗2022-05-17

▶

📋Vendor Advisories

Juniper

CVE-2014-3811: Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unsp↗2014-09-29

▶