Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

2013-05: Security Bulletin: SmartPass WLAN Security Management: CVE-2013-3498 XSS Vulnerability



Article ID: JSA10568 SECURITY_ADVISORIES Last Updated: 05 Mar 2017Version: 2.0
Legacy Advisory Id:
Product Affected:
SmartPass WLAN Security Management
SmartPass WLAN security management application is vulnerable to a cross site scripting (XSS) vulnerability. This can allow remote attackers to obtain sensitive information from users of SmartPass and possibly get access to SmartPass.

CVE: CVE-2013-3498

This vulnerability is fixed in:
SmartPass 8.0 MR2 or later
SmartPass 7.7 MR3 or later
There are no known workarounds that can mitigate XSS issue listed in this bulletin.

Modification History:
Modification History:

2017-03-05: Category restructure.

CVSS Score:
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Severity Level:
Juniper Networks Acknowledges with thanks Ross Bushby of KRYPSYS for reporting the issue.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search