7.2

CVE-2015-3007

EPSS 0.04%
Veröffentlicht 14.07.2015 17:59:03
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console insecure" feature, which allows physically proximate attackers to gain administrative privileges by leveraging access to the console port.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version12.1x46

Juniper ≫ Junos Version12.1x46 Updated10

Juniper ≫ Junos Version12.1x46 Updated15

Juniper ≫ Junos Version12.1x46 Updated20

Juniper ≫ Junos Version12.1x46 Updated25

Juniper ≫ Junos Version12.1x46 Updated30

Juniper ≫ Junos Version12.1x47

Juniper ≫ Junos Version12.1x47 Updated10

Juniper ≫ Junos Version12.1x47 Updated20

Juniper ≫ Junos Version12.3x48

Juniper ≫ Junos Version12.3x48 Updated10

Juniper ≫ Junos Version12.3x48 Updated5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.113

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10683

Vendor Advisory

http://www.securitytracker.com/id/1032841

https://nvd.nist.gov/vuln/detail/CVE-2015-3007

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-3007

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-3007

EUVD