CVE-2014-3816

2014-07-1120:55:02

CWE-264

[email protected]

web.nvd.nist.gov

cve-2014-3816

juniper

junos

remote access

privilege escalation

7.5 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

59.9%

JSON

Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3 before 12.3R7, 13.1 before 13.1R4-S2, 13.2 before 13.2R5, 13.3 before 13.3R2-S2, and 14.1 before 14.1R1 allows remote authenticated users to gain privileges via unspecified combinations of CLI commands and arguments.

Affected configurations

NVD

Node

juniperjunosMatch11.4

juniperjunosMatch12.1

juniperjunosMatch12.1x44

juniperjunosMatch12.1x45

juniperjunosMatch12.1x46

juniperjunosMatch12.1x47

juniperjunosMatch12.2

juniperjunosMatch12.3

juniperjunosMatch13.1

juniperjunosMatch13.2

juniperjunosMatch13.3

juniperjunosMatch14.1

CPENameOperatorVersion
juniper:junosjuniper junoseq11.4
juniper:junosjuniper junoseq12.1
juniper:junosjuniper junoseq12.1x44
juniper:junosjuniper junoseq12.1x45
juniper:junosjuniper junoseq12.1x46
juniper:junosjuniper junoseq12.1x47
juniper:junosjuniper junoseq12.2
juniper:junosjuniper junoseq12.3
juniper:junosjuniper junoseq13.1
juniper:junosjuniper junoseq13.2

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	11.4
juniper:junos	juniper junos	eq	12.1
juniper:junos	juniper junos	eq	12.1x44
juniper:junos	juniper junos	eq	12.1x45
juniper:junos	juniper junos	eq	12.1x46
juniper:junos	juniper junos	eq	12.1x47
juniper:junos	juniper junos	eq	12.2
juniper:junos	juniper junos	eq	12.3
juniper:junos	juniper junos	eq	13.1
juniper:junos	juniper junos	eq	13.2