1. Home
  2. CVE Database
  3. CVE-2014-3812
MEDIUM · 5.0

CVE-2014-3812

The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable ciph...

Vulnerability Description

The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
JuniperIve Os7.4
JuniperUnified Access Control Software4.4
JuniperFips Infranet Controller 6500-
JuniperFips Secure Access 4000-
JuniperFips Secure Access 4500-
JuniperFips Secure Access 6000-
JuniperFips Secure Access 6500-
JuniperInfranet Controller 4000-
JuniperInfranet Controller 4500-
JuniperInfranet Controller 6000-
JuniperInfranet Controller 6500-
JuniperMag2600 Gateway-
JuniperMag4610 Gateway-
JuniperMag6610 Gateway-
JuniperMag6611 Gateway-
JuniperSecure Access 2500-
JuniperSecure Access 4500-
JuniperSecure Access 700-

Related Weaknesses (CWE)

CWE-310

References

FAQ

What is CVE-2014-3812?

CVE-2014-3812 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable ciph...

How severe is CVE-2014-3812?

CVE-2014-3812 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-3812?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Ive Os, Juniper Unified Access Control Software, Juniper Fips Infranet Controller 6500, Juniper Fips Secure Access 4000, Juniper Fips Secure Access 4500.