{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-09-24T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-06T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054"}, {"tags": ["x_refsource_MISC"], "url": "https://profundis-labs.com/advisories/CVE-2015-7323.txt"}, {"name": "1033684", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033684"}, {"name": "20150925 CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2015/Sep/98"}, {"tags": ["x_refsource_MISC"], "url": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7323", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054", "refsource": "CONFIRM", "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054"}, {"name": "https://profundis-labs.com/advisories/CVE-2015-7323.txt", "refsource": "MISC", "url": "https://profundis-labs.com/advisories/CVE-2015-7323.txt"}, {"name": "1033684", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033684"}, {"name": "20150925 CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Sep/98"}, {"name": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html", "refsource": "MISC", "url": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:43:46.118Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://profundis-labs.com/advisories/CVE-2015-7323.txt"}, {"name": "1033684", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033684"}, {"name": "20150925 CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2015/Sep/98"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7323", "datePublished": "2015-10-05T15:00:00.000Z", "dateReserved": "2015-09-22T00:00:00.000Z", "dateUpdated": "2024-08-06T07:43:46.118Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "58B1967B-76D9-4E46-8E98-594684B53CC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "0C209D3C-C716-4A7F-9665-0C9C1DC2933F", "vulnerable": true}, {"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBDB9656-C040-4434-B484-31C682C55149", "vulnerable": true}, {"criteria": "cpe:2.3:a:juniper:pulse_connect_secure:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "274B576D-5D83-4028-9732-0A394CA89FC3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar."}, {"lang": "es", "value": "El Secure Meeting (Pulse Collaboration) en Pulse Connect Secure (anteriormente Juniper Junos Pulse) en versiones anteriores a 7.1R22.1, 7.4, 8.0 en versiones anteriores a 8.0R11 y 8.1 en versiones anteriores a 8.1R3 permite a usuarios remotos autenticados eludir las restricciones destinadas al acceso y conectarse a reuniones arbitrarias mediante aprovechamiento de un id de reuni\u00f3n y meetingAppSun.jar."}], "id": "CVE-2015-7323", "lastModified": "2026-05-06T22:30:45.220", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-10-05T15:59:01.860", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2015/Sep/98"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1033684"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://profundis-labs.com/advisories/CVE-2015-7323.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2015/Sep/98"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1033684"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40054"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://packetstormsecurity.com/files/133711/Junos-Pulse-Secure-Meeting-8.0.5-Access-Bypass.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://profundis-labs.com/advisories/CVE-2015-7323.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}