PT-2020-7727 · Juniper Networks · Junos

Published

2020-01-15

Updated

2020-01-24

CVE-2014-6448

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Juniper Junos OS versions 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3

Description The issue allows local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access.

Recommendations For Juniper Junos OS versions 13.2 before 13.2R5, 13.2X51, 13.2X52, update to version 13.2R5 or later. For Juniper Junos OS versions 13.3 before 13.3R3, update to version 13.3R3 or later.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2014-6448

Affected Products

Junos

PT-2020-7727 · Juniper Networks · Junos

CVE-2014-6448

Weakness Enumeration

Related Identifiers

Affected Products

References · 2