CVE-2012-5460

{"id": "CVE-2012-5460", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-08-01T13:32:35.103", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html", "source": "cve@mitre.org"}, {"url": "http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter."}, {"lang": "es", "value": "Vulnerabilidad XSS en la p\u00e1gina de ayuda en Juniper Secure Access (SA) con IVE OS anterior a 7.1r13, 7.2.x anterior a 7.2r7, y 7.3.x anterior a 7.3r2, permite a atacantes remotos inyectar secuencias de comandos web y HTML arbitrarias a trav\u00e9s del par\u00e1metro WWHSearchWordsText."}], "lastModified": "2013-08-01T13:32:35.103", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:ive_os:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4313025-3FC4-42DB-B18E-57EC5C566B74"}, {"criteria": "cpe:2.3:o:juniper:ive_os:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "754A5F1C-E181-4D36-86A7-5124C22EBF40"}, {"criteria": "cpe:2.3:o:juniper:ive_os:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ECD0F7E-715A-4C52-ACF1-EE7A7042B991"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:juniper:secure_access_virtual_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49C013C9-3F10-4B6A-A1C6-7171DB9BE6DD"}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80CC7A54-95DD-4C60-8A99-21F800616784"}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B68C4310-771E-4E8F-9C62-6EBE233FCB92"}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55331F37-6F9B-48A8-BBB3-BE9EBF4C2B3D"}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "528028F3-3F3F-4354-A1D7-2EF66BA27CEC"}, {"criteria": "cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EE557B9-DF6D-4C20-98BE-E934D187CCFC"}, {"criteria": "cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB174F88-B643-4338-BCD6-A9CD0EDB54A6"}, {"criteria": "cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "115C8834-8BD1-4561-8B98-AE29E3B9C1C9"}, {"criteria": "cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54C5F933-61BB-40EA-9ADC-C22CFE8F9D1B"}, {"criteria": "cpe:2.3:h:juniper:secure_access_2000:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF6B885A-5C17-4928-A1B9-4A729F277F4B"}, {"criteria": "cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82E5E8BD-68B9-4C94-A1F0-3F5C3EC7620A"}, {"criteria": "cpe:2.3:h:juniper:secure_access_4000:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D6A2465-451A-436A-89C1-94424A0C4AB8"}, {"criteria": "cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "641091CF-F671-4AD7-B10F-E50497AC462B"}, {"criteria": "cpe:2.3:h:juniper:secure_access_6000:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "501D212B-D846-4D43-B6D8-F01C2483AB64"}, {"criteria": "cpe:2.3:h:juniper:secure_access_6500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "075FD895-451D-4959-9A73-94F5BB1853E6"}, {"criteria": "cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42FB27DD-D685-4D5E-8DAF-7A34DE33AB59"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}