CVE-2015-3004

EPSS 0.25%
Published 10.04.2015 15:00:08
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Version12.1x44

Juniper ≫ Junos Version12.1x44 Updated10

Juniper ≫ Junos Version12.1x44 Updated15

Juniper ≫ Junos Version12.1x44 Updated20

Juniper ≫ Junos Version12.1x44 Updated25

Juniper ≫ Junos Version12.1x44 Updated30

Juniper ≫ Junos Version12.1x46

Juniper ≫ Junos Version12.1x46 Updated10

Juniper ≫ Junos Version12.1x46 Updated15

Juniper ≫ Junos Version12.1x46 Updated20

Juniper ≫ Junos Version12.1x47

Juniper ≫ Junos Version12.2

Juniper ≫ Junos Version12.2 Updater1

Juniper ≫ Junos Version12.2 Updater2

Juniper ≫ Junos Version12.2 Updater3

Juniper ≫ Junos Version12.2 Updater4

Juniper ≫ Junos Version12.2 Updater5

Juniper ≫ Junos Version12.2 Updater6

Juniper ≫ Junos Version12.2 Updater7

Juniper ≫ Junos Version12.2 Updater8

Juniper ≫ Junos Version12.2 Updater8-s2

Juniper ≫ Junos Version12.3 Updater1

Juniper ≫ Junos Version12.3 Updater2

Juniper ≫ Junos Version12.3 Updater3

Juniper ≫ Junos Version12.3 Updater4

Juniper ≫ Junos Version12.3 Updater5

Juniper ≫ Junos Version12.3 Updater6

Juniper ≫ Junos Version12.3x48

Juniper ≫ Junos Version13.2

Juniper ≫ Junos Version13.2 Updater1

Juniper ≫ Junos Version13.2 Updater2

Juniper ≫ Junos Version13.2 Updater3

Juniper ≫ Junos Version13.2 Updater4

Juniper ≫ Junos Version13.2 Updater5

Juniper ≫ Junos Version13.2x51

Juniper ≫ Junos Version13.2x51 Updated10

Juniper ≫ Junos Version13.2x51 Updated15

Juniper ≫ Junos Version13.3

Juniper ≫ Junos Version13.3 Updater1

Juniper ≫ Junos Version13.3 Updater2

Juniper ≫ Junos Version13.3 Updater2-s2

Juniper ≫ Junos Version13.3 Updater3

Juniper ≫ Junos Version13.3 Updater4

Juniper ≫ Junos Version14.1

Juniper ≫ Junos Version14.1 Updater1

Juniper ≫ Junos Version14.1 Updater2

Juniper ≫ Junos Version14.1x53

Juniper ≫ Junos Version14.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.25%	0.484

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/74017

http://www.securitytracker.com/id/1032090

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-3004

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-3004

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-3004

EUVD