CVE-2015-7323
Pulse Connect Secure < 7.1R22.1, 7.4, 8.0 < 8.0R11, 8.1 < 8.1R3 - Authenticated Access Bypass via Meeting ID
Title source: llmDescription
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054
Exploit x_refsource_misc
https://profundis-labs.com/advisories/CVE-2015-7323.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033684
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Sep/98
Exploit x_refsource_misc
https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html
Scores
EPSS
0.0037
EPSS Percentile
58.9%
Details
CWE
CWE-264
Status
published
Products (4)
juniper/pulse_connect_secure
7.1
juniper/pulse_connect_secure
7.4
juniper/pulse_connect_secure
8.0
juniper/pulse_connect_secure
8.1
Published
Oct 05, 2015
Tracked Since
Feb 18, 2026