Kaspersky Threats

Detect date

?

04/10/2015

Severity

?

High

Description

Multiple serious vulnerabilities have been found in Juniper Junos. Malicious users can exploit these vulnerabilities to gainprivileges, execute arbitrary code orspoof user interface.

Below is a complete list of vulnerabilities

XSS vulnerability can be exploited remotely via unspecified vectors;
Unknown vulnerability can be exploited remotely via a specially designed header or CLI commands;
Lack of log-out-on-disconnect enforcement can be exploited remotely via devica access manipulations.

Affected products

Juniper Junos 11.4 versions earlier than 11.4R12
Juniper Junos 12.1X44 versions earlier than 12.1X44-D45
Juniper Junos 12.1X46 versions earlier than 12.1X46-D30
Juniper Junos 12.1X47 versions earlier than 12.1X47-D20
Juniper Junos 12.2 versions earlier than 12.2R9
Juniper Junos 12.3 versions earlier than 12.3R9
Juniper Junos 12.3X48 versions earlier than 12.3X48-D10
Juniper Junos 13.2 versions earlier than 13.2R6
Juniper Junos 13.2X51 versions earlier than 13.2X51-D20
Juniper Junos 13.3 versions earlier than 13.3R5
Juniper Junos 14.1 versions earlier than 14.1R3
Juniper Junos 14.1X53 versions earlier than 14.1X53-D10
Juniper Junos 14.2 versions earlier than 14.2R1

Solution

Update to the latest version

Original advisories

Juniper advisory
Juniper advisory
Juniper advisory
Juniper advisory

Impacts

?

CI

[?]

PE

[?]

SUI

[?]

Detect date ?	04/10/2015
Severity ?	High
Description	Multiple serious vulnerabilities have been found in Juniper Junos. Malicious users can exploit these vulnerabilities to gainprivileges, execute arbitrary code orspoof user interface. Below is a complete list of vulnerabilities XSS vulnerability can be exploited remotely via unspecified vectors; Unknown vulnerability can be exploited remotely via a specially designed header or CLI commands; Lack of log-out-on-disconnect enforcement can be exploited remotely via devica access manipulations.
Affected products	Juniper Junos 11.4 versions earlier than 11.4R12 Juniper Junos 12.1X44 versions earlier than 12.1X44-D45 Juniper Junos 12.1X46 versions earlier than 12.1X46-D30 Juniper Junos 12.1X47 versions earlier than 12.1X47-D20 Juniper Junos 12.2 versions earlier than 12.2R9 Juniper Junos 12.3 versions earlier than 12.3R9 Juniper Junos 12.3X48 versions earlier than 12.3X48-D10 Juniper Junos 13.2 versions earlier than 13.2R6 Juniper Junos 13.2X51 versions earlier than 13.2X51-D20 Juniper Junos 13.3 versions earlier than 13.3R5 Juniper Junos 14.1 versions earlier than 14.1R3 Juniper Junos 14.1X53 versions earlier than 14.1X53-D10 Juniper Junos 14.2 versions earlier than 14.2R1
Solution	Update to the latest version
Original advisories	Juniper advisory Juniper advisory Juniper advisory Juniper advisory
Impacts ?	CI [?] PE [?] SUI [?]
Related products	Juniper Junos OS
CVE-IDS ?	CVE-2015-30054.3Warning CVE-2015-30044.3Warning CVE-2015-30026.9High CVE-2015-30037.2High

KLA10541Multiple vulnerabilities in Juniper Junos

KLA10541
Multiple vulnerabilities in Juniper Junos