1. Home
  2. CVE Database
  3. CVE-2012-5460
MEDIUM · 4.3

CVE-2012-5460

Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrar...

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
JuniperIve Os7.1
JuniperSecure Access Virtual Appliance-
JuniperFips Secure Access 4000-
JuniperFips Secure Access 4500-
JuniperFips Secure Access 6000-
JuniperFips Secure Access 6500-
JuniperMag2600 Gateway-
JuniperMag4610 Gateway-
JuniperMag6610 Gateway-
JuniperMag6611 Gateway-
JuniperSecure Access 2000-
JuniperSecure Access 2500-
JuniperSecure Access 4000-
JuniperSecure Access 4500-
JuniperSecure Access 6000-
JuniperSecure Access 6500-
JuniperSecure Access 700-

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2012-5460?

CVE-2012-5460 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrar...

How severe is CVE-2012-5460?

CVE-2012-5460 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-5460?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Ive Os, Juniper Secure Access Virtual Appliance, Juniper Fips Secure Access 4000, Juniper Fips Secure Access 4500, Juniper Fips Secure Access 6000.