6.7

CVE-2016-1267

Race condition in the RPC functionality in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R3-S4, 15.1 before 15.1F2, or 15.1R2, 15.1X49 before 15.1X49-D20, and 16.1 before 16.1R1 allows local users to read, delete, or modify arbitrary files via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
JuniperJunos Updated50 Version <= 12.1x44
JuniperJunos Version12.1x46
JuniperJunos Version12.1x46 Updated10
JuniperJunos Version12.1x46 Updated15
JuniperJunos Version12.1x46 Updated20
JuniperJunos Version12.1x46 Updated25
JuniperJunos Version12.1x46 Updated30
JuniperJunos Version12.1x46 Updated35
JuniperJunos Version12.1x47
JuniperJunos Version12.1x47 Updated10
JuniperJunos Version12.1x47 Updated15
JuniperJunos Version12.1x47 Updated20
JuniperJunos Version12.3
JuniperJunos Version12.3 Updater1
JuniperJunos Version12.3 Updater10
JuniperJunos Version12.3 Updater2
JuniperJunos Version12.3 Updater3
JuniperJunos Version12.3 Updater4
JuniperJunos Version12.3 Updater5
JuniperJunos Version12.3 Updater6
JuniperJunos Version12.3 Updater7
JuniperJunos Version12.3 Updater8
JuniperJunos Version12.3 Updater9
JuniperJunos Version12.3x48 Updated10
JuniperJunos Version12.3x48 Updated15
JuniperJunos Version13.2
JuniperJunos Version13.2 Updater1
JuniperJunos Version13.2 Updater2
JuniperJunos Version13.2 Updater3
JuniperJunos Version13.2 Updater4
JuniperJunos Version13.2 Updater5
JuniperJunos Version13.2 Updater6
JuniperJunos Version13.2 Updater7
JuniperJunos Version13.2 Updater7-s1
JuniperJunos Version13.2 Updater7-s2
JuniperJunos Version13.2x51 Updated15
JuniperJunos Version13.2x51 Updated20
JuniperJunos Version13.2x51 Updated21
JuniperJunos Version13.2x51 Updated25
JuniperJunos Version13.2x51 Updated26
JuniperJunos Version13.2x51 Updated30
JuniperJunos Version13.2x51 Updated35
JuniperJunos Version13.3
JuniperJunos Version13.3 Updater1
JuniperJunos Version13.3 Updater2
JuniperJunos Version13.3 Updater2-s2
JuniperJunos Version13.3 Updater3
JuniperJunos Version13.3 Updater4
JuniperJunos Version13.3 Updater5
JuniperJunos Version13.3 Updater6
JuniperJunos Version14.1
JuniperJunos Version14.1 Updater1
JuniperJunos Version14.1 Updater2
JuniperJunos Version14.1 Updater3
JuniperJunos Version14.1 Updater4
JuniperJunos Version14.1 Updater5
JuniperJunos Version14.1x53
JuniperJunos Version14.1x53 Updated10
JuniperJunos Version14.1x53 Updated15
JuniperJunos Version14.1x53 Updated16
JuniperJunos Version14.1x53 Updated25
JuniperJunos Version14.1x53 Updated26
JuniperJunos Version14.2 Updater1
JuniperJunos Version14.2 Updater2
JuniperJunos Version14.2 Updater3
JuniperJunos Version15.1
JuniperJunos Version15.1x49 Updated10
JuniperJunos Version16.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.087
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 4.4 3.4 6.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.