CVE-2016-1271Improper Input Validation in Juniper Junos

CWE-20Improper Input Validation3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 88.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper JunosJuniper Junos OS
Timeline
PublishedApr 15
Latest updateMay 17

Description

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via crafted combinations of CLI commands and arguments, a different vulnerability than CVE-2015-3003, CVE-2014-3816, and CVE-2014-0615.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDjuniper/junos12.1x46+9

🔴Vulnerability Details

1
GHSA
GHSA-q4wv-hp9c-9wxv: Juniper Junos OS before 122022-05-17

📋Vendor Advisories

1
Juniper
CVE-2016-1271: Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.32016-04-15