KLA10541
Multiple vulnerabilities in Juniper Junos
Обновлено: 17/06/2019
Дата обнаружения
10/04/2015
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in Juniper Junos. Malicious users can exploit these vulnerabilities to gainprivileges, execute arbitrary code orspoof user interface.

Below is a complete list of vulnerabilities

  1. XSS vulnerability can be exploited remotely via unspecified vectors;
  2. Unknown vulnerability can be exploited remotely via a specially designed header or CLI commands;
  3. Lack of log-out-on-disconnect enforcement can be exploited remotely via devica access manipulations.
Пораженные продукты

Juniper Junos 11.4 versions earlier than 11.4R12
Juniper Junos 12.1X44 versions earlier than 12.1X44-D45
Juniper Junos 12.1X46 versions earlier than 12.1X46-D30
Juniper Junos 12.1X47 versions earlier than 12.1X47-D20
Juniper Junos 12.2 versions earlier than 12.2R9
Juniper Junos 12.3 versions earlier than 12.3R9
Juniper Junos 12.3X48 versions earlier than 12.3X48-D10
Juniper Junos 13.2 versions earlier than 13.2R6
Juniper Junos 13.2X51 versions earlier than 13.2X51-D20
Juniper Junos 13.3 versions earlier than 13.3R5
Juniper Junos 14.1 versions earlier than 14.1R3
Juniper Junos 14.1X53 versions earlier than 14.1X53-D10
Juniper Junos 14.2 versions earlier than 14.2R1

Решение

Update to the latest version

Первичный источник обнаружения
Juniper advisory
Juniper advisory
Juniper advisory
Juniper advisory
Оказываемое влияние
?
CI 
[?]

PE 
[?]

SUI 
[?]
Связанные продукты
Juniper Junos OS
CVE-IDS