CVE-2014-3816Improper Input Validation in Juniper Junos

CWE-264CWE-20Improper Input Validation6 documents3 sources
Severity
9.0CRITICALNVD
NVD7.8
EPSS
0.5%
top 36.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper JunosJuniper Junos OS
Timeline
PublishedJul 11
Latest updateMay 17

Description

Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3 before 12.3R7, 13.1 before 13.1R4-S2, 13.2 before 13.2R5, 13.3 before 13.3R2-S2, and 14.1 before 14.1R1 allows remote authenticated users to gain privileges via unspecified combinations of CLI commands and arguments.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages2 packages

NVDjuniper/junos12.1x46+16

🔴Vulnerability Details

2
GHSA
GHSA-5fjp-h5ph-254r: Juniper Junos 112022-05-17
GHSA
GHSA-q4wv-hp9c-9wxv: Juniper Junos OS before 122022-05-17

📋Vendor Advisories

2
Juniper
CVE-2016-1271: Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.32016-04-15
Juniper
CVE-2014-3816: Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 be2014-07-11