CVE-2015-7322
Pulse Connect Secure < 7.1R22.1, 7.4, 8.0 < 8.0R11, 8.1 < 8.1R3 - Meeting ID Enumeration
Title source: llmDescription
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts to join a meeting depending on the status of the meeting, which allows remote attackers to enumerate valid meeting ids via a series of requests.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033685
Vendor Advisory x_refsource_confirm
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40053
Exploit x_refsource_misc
https://profundis-labs.com/advisories/CVE-2015-7322.txt
Scores
EPSS
0.0028
EPSS Percentile
51.7%
Details
CWE
CWE-200
Status
published
Products (4)
juniper/pulse_connect_secure
7.1
juniper/pulse_connect_secure
7.4
juniper/pulse_connect_secure
8.0
juniper/pulse_connect_secure
8.1
Published
Oct 05, 2015
Tracked Since
Feb 18, 2026