CVE-2015-7322

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts to join a meeting depending on the status of the meeting, which allows remote attackers to enumerate valid meeting ids via a series of requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
juniperpulse_connect_secure
7.1
juniperpulse_connect_secure
7.4
juniperpulse_connect_secure
8.0
juniperpulse_connect_secure
8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1033685
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40053
https://profundis-labs.com/advisories/CVE-2015-7322.txt
http://www.securitytracker.com/id/1033685
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40053
https://profundis-labs.com/advisories/CVE-2015-7322.txt