PT-2015-6050 · Juniper Networks · Junos
Publicado
2015-07-14
·
Atualizado
2015-07-15
·
CVE-2015-3007
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Junos OS versions 12.1X46 before 12.1X46-D35
Junos OS versions 12.1X47 before 12.1X47-D25
Junos OS versions 12.3X48 before 12.3X48-D15
Description
The issue is related to the improper implementation of the "set system ports console insecure" feature in the Juniper SRX Series services gateways. This allows physically proximate attackers to gain administrative privileges by leveraging access to the console port.
Recommendations
For Junos OS versions 12.1X46 before 12.1X46-D35, update to version 12.1X46-D35 or later.
For Junos OS versions 12.1X47 before 12.1X47-D25, update to version 12.1X47-D25 or later.
For Junos OS versions 12.3X48 before 12.3X48-D15, update to version 12.3X48-D15 or later.
Correção
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Junos