CVE-2014-2292
First published: Fri Mar 14 2014(Updated: )
Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Ive Os | =7.1 | |
| Juniper Ive Os | =7.3 | |
| Juniper Ive Os | =7.4 | |
| Juniper Ive Os | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2014-2292?
CVE-2014-2292 has been classified with a severity that indicates local user privilege escalation risks in affected versions.
How do I fix CVE-2014-2292?
To fix CVE-2014-2292, update to Junos Pulse Secure Access Service versions 7.1r18, 7.3r10, 7.4r8, or 8.0r1 and later.
What versions are affected by CVE-2014-2292?
CVE-2014-2292 affects Juniper IVE OS versions prior to 7.1r18, 7.3r10, 7.4r8, and 8.0r1.
Can local users exploit CVE-2014-2292?
Yes, local users can exploit CVE-2014-2292 to gain elevated privileges on the affected systems.
Is there an official patch for CVE-2014-2292?
Yes, Juniper has released patches for CVE-2014-2292 in the specified updated versions.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/references
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/juniper
- canonical/juniper ive os
- version/juniper ive os/7.1
- version/juniper ive os/7.3
- version/juniper ive os/7.4
- version/juniper ive os/8.0