10

CVE-2016-1279

J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Updated40 Version <= 12.1x46
JuniperJunos Version12.1x46 Updated50
JuniperJunos Version12.1x47
JuniperJunos Version12.1x47 Updated10
JuniperJunos Version12.1x47 Updated15
JuniperJunos Version12.1x47 Updated20
JuniperJunos Version12.1x47 Updated25
JuniperJunos Version12.1x47 Updated30
JuniperJunos Version12.3
JuniperJunos Version12.3 Updater1
JuniperJunos Version12.3 Updater10
JuniperJunos Version12.3 Updater11
JuniperJunos Version12.3 Updater2
JuniperJunos Version12.3 Updater3
JuniperJunos Version12.3 Updater4
JuniperJunos Version12.3 Updater5
JuniperJunos Version12.3 Updater6
JuniperJunos Version12.3 Updater7
JuniperJunos Version12.3 Updater8
JuniperJunos Version12.3 Updater9
JuniperJunos Version12.3x48 Updated10
JuniperJunos Version12.3x48 Updated15
JuniperJunos Version13.3
JuniperJunos Version13.3 Updater1
JuniperJunos Version13.3 Updater2
JuniperJunos Version13.3 Updater2-s2
JuniperJunos Version13.3 Updater3
JuniperJunos Version13.3 Updater4
JuniperJunos Version13.3 Updater5
JuniperJunos Version13.3 Updater6
JuniperJunos Version13.3 Updater7
JuniperJunos Version13.3 Updater8
JuniperJunos Version13.3 Updater9
JuniperJunos Version14.1
JuniperJunos Version14.1 Updater1
JuniperJunos Version14.1 Updater2
JuniperJunos Version14.1 Updater3
JuniperJunos Version14.1 Updater4
JuniperJunos Version14.1 Updater5
JuniperJunos Version14.1 Updater6
JuniperJunos Version14.1x53
JuniperJunos Version14.1x53 Updated10
JuniperJunos Version14.1x53 Updated15
JuniperJunos Version14.1x53 Updated16
JuniperJunos Version14.1x53 Updated25
JuniperJunos Version14.1x53 Updated26
JuniperJunos Version14.1x53 Updated27
JuniperJunos Version14.1x53 Updated30
JuniperJunos Version14.2 Updater1
JuniperJunos Version14.2 Updater2
JuniperJunos Version14.2 Updater3
JuniperJunos Version14.2 Updater4
JuniperJunos Version14.2 Updater5
JuniperJunos Version15.1 Updatea1
JuniperJunos Version15.1 Updatef2
JuniperJunos Version15.1 Updatef2-s1
JuniperJunos Version15.1 Updatef2-s2
JuniperJunos Version15.1 Updatef2-s3
JuniperJunos Version15.1 Updatef2-s4
JuniperJunos Version15.1 Updatef3
JuniperJunos Version15.1 Updater1
JuniperJunos Version15.1 Updater2
JuniperJunos Version15.1x49 Updated10
JuniperJunos Version15.1x49 Updated20
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 1.91% 0.816
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.