PT-2008-2774 · Juniper Networks · Juniper Networks Secure Access 2000

Publicado

2008-03-06

·

Atualizado

2018-10-11

·

CVE-2008-1181

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Juniper Networks Secure Access 2000 version 5.5 R1 (build 11711)
Description The issue allows remote attackers to obtain sensitive information via a direct request for "remediate.cgi" without certain parameters, which reveals the path in an "Execute failed" error message.
Recommendations For Juniper Networks Secure Access 2000 version 5.5 R1 (build 11711), consider restricting access to the "remediate.cgi" endpoint until a fix is available. Avoid using this endpoint without providing the required parameters to minimize the risk of exploitation.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2008-1181

Produtos afetados

Juniper Networks Secure Access 2000