CVE-2014-6447 - Vulnerability Details

Vendors	Products
Juniper	Junos

Link	Providers
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682
http://www.securitytracker.com/id/1032846

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-07-08T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-11T16:40:15", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securitytracker.com/id/1032846"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-6447", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682"}, {"name": "http://www.securitytracker.com/id/1032846", "refsource": "MISC", "url": "http://www.securitytracker.com/id/1032846"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T12:17:24.074Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securitytracker.com/id/1032846"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-6447", "datePublished": "2020-02-11T16:40:15", "dateReserved": "2014-09-17T00:00:00", "dateUpdated": "2024-08-06T12:17:24.074Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-07-08T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-02-11T16:40:15 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.securitytracker.com/id/1032846 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2014-6447 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682 (string)

refsource : CONFIRM (string)

url : http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682 (string)

}

1 : { »

name : http://www.securitytracker.com/id/1032846 (string)

refsource : MISC (string)

url : http://www.securitytracker.com/id/1032846 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T12:17:24.074Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1032846 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2014-6447 (string)

datePublished : 2020-02-11T16:40:15 (string)

dateReserved : 2014-09-17T00:00:00 (string)

dateUpdated : 2024-08-06T12:17:24.074Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x44:-:*:*:*:*:*:*", "matchCriteriaId": "86141A33-344E-4152-8B76-2DB383954F02", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*", "matchCriteriaId": "AC405A12-112D-4C9D-90DA-6ED484109793", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*", "matchCriteriaId": "3FC42F2D-7593-4DBE-AE89-A6B78E7F9089", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*", "matchCriteriaId": "731A6469-3DE0-491A-BCC5-7642FB347ACE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*", "matchCriteriaId": "D12A8119-3E59-4062-9A04-1F6EA48B78E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*", "matchCriteriaId": "E8B33B80-3189-4412-BFE0-359E755AB07A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:*", "matchCriteriaId": "C0E8F87E-DEB2-4849-ABB5-75A67CFD2D39", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d40:*:*:*:*:*:*", "matchCriteriaId": "BDE231CE-0D93-4293-8720-4CCEE2EA651E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*", "matchCriteriaId": "92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*", "matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*", "matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*", "matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*", "matchCriteriaId": "F4B6215F-76BF-473F-B325-0975B0EB101E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x47:-:*:*:*:*:*:*", "matchCriteriaId": "ABBEDB3F-5FD1-4290-A80A-7EAD9B9C38C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*", "matchCriteriaId": "181C0D30-4476-48EE-A4A4-3B2461F4AC20", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*", "matchCriteriaId": "63F559A2-2744-4771-9420-C70AA87496A2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*", "matchCriteriaId": "223C12D0-61A0-4C12-8AFC-A0CB64759A31", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*", "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*", "matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*", "matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*", "matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*", "matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*", "matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*", "matchCriteriaId": "3C240840-A6BC-4E3D-A60D-22F08E67E2B2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*", "matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:13.1:-:*:*:*:*:*:*", "matchCriteriaId": "67B3BF03-9919-4C12-97A3-B20161725F35", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r1:*:*:*:*:*:*", "matchCriteriaId": "FCD4D8EB-8625-47CD-8F0E-D2FC8CAA5462", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r2:*:*:*:*:*:*", "matchCriteriaId": "A0150A4C-2C5A-49FC-8FB3-B93CB45B8284", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r3:*:*:*:*:*:*", "matchCriteriaId": "BFEB7A59-7536-4A92-A9C8-79FDE657B8AB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r4:*:*:*:*:*:*", "matchCriteriaId": "AD9ADCD2-DC32-4724-8324-60246E8BC953", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r4-s2:*:*:*:*:*:*", "matchCriteriaId": "08BC545E-EBE1-45EB-9D1E-9CAEF52E7C6D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:13.2:-:*:*:*:*:*:*", "matchCriteriaId": "931D77A8-FA39-479E-91DB-CDDC9113252B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*", "matchCriteriaId": "D3A0A607-7D3C-4F2A-B5F5-576A70649CB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*", "matchCriteriaId": "32E9620A-7C0A-474C-919E-13609FFE580D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*", "matchCriteriaId": "672D3A38-92B4-4F33-82A6-B2D3F3403AF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*", "matchCriteriaId": "F5C24441-6E9D-4EF7-8903-A109A52340C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*", "matchCriteriaId": "7CB98C4F-617F-4F51-A86E-D1EBE2BDE583", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:13.3:-:*:*:*:*:*:*", "matchCriteriaId": "FE2FBBA2-6185-463F-96D3-9AB2C778B4F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*", "matchCriteriaId": "3FF9FF91-9184-4D18-8288-9110E35F4AE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r10:*:*:*:*:*:*", "matchCriteriaId": "CA058F8A-01BE-48EA-9E67-98FF069E78D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*", "matchCriteriaId": "0F2E537B-9504-4912-B231-0D83F4459469", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "99A946CE-FFC7-4F16-82F4-795A6E5B84C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*", "matchCriteriaId": "4BCB3837-DCBC-4997-B63E-E47957584709", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1:-:*:*:*:*:*:*", "matchCriteriaId": "09571E75-0EA2-4775-B1AB-CB0A0998F6D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*", "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*", "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*", "matchCriteriaId": "6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.2:-:*:*:*:*:*:*", "matchCriteriaId": "7887DC05-BEBE-4D7C-8F7A-C1A70237EE4F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*", "matchCriteriaId": "285CD1E5-C6D3-470A-8556-653AFF74D0F3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1."}, {"lang": "es", "value": "Se presentan m\u00faltiples vulnerabilidades en el manejo de errores de Juniper Junos J-Web que pueden conllevar a problemas de tipo cross site scripting (XSS) o bloquear el servicio J-Web (DoS). Esto afecta a Juniper Junos OS versiones 12.1X44 anteriores a 12.1X44-D45, versiones 12.1X46 anteriores a 12.1X46-D30, versiones 12.1X47 anteriores a 12.1X47-D20, versiones 12.3 anteriores a 12.3R8, versiones 12.3X48 anteriores a 12.3X48-D10, versiones 13.1 anteriores a 13.1R5, versiones 13.2 anteriores a 13.2 R6, versiones 13.3 anteriores a 13.3R4, versiones 14.1 anteriores a 14.1R3, versiones 14.1X53 anteriores a 14.1X53-D10, versiones 14.2 anteriores a 14.2R1 y versiones 15.1 anteriores a 15.1R1."}], "id": "CVE-2014-6447", "lastModified": "2024-11-21T02:14:24.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-11T17:15:11.703", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032846"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032846"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:-:*:*:*:*:*:* (string)

matchCriteriaId : 86141A33-344E-4152-8B76-2DB383954F02 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:* (string)

matchCriteriaId : AC405A12-112D-4C9D-90DA-6ED484109793 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:* (string)

matchCriteriaId : 3FC42F2D-7593-4DBE-AE89-A6B78E7F9089 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:* (string)

matchCriteriaId : 731A6469-3DE0-491A-BCC5-7642FB347ACE (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:* (string)

matchCriteriaId : D12A8119-3E59-4062-9A04-1F6EA48B78E9 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:* (string)

matchCriteriaId : E8B33B80-3189-4412-BFE0-359E755AB07A (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:* (string)

matchCriteriaId : C0E8F87E-DEB2-4849-ABB5-75A67CFD2D39 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x44:d40:*:*:*:*:*:* (string)

matchCriteriaId : BDE231CE-0D93-4293-8720-4CCEE2EA651E (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:* (string)

matchCriteriaId : 92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:* (string)

matchCriteriaId : A71742CF-50B1-44BB-AB7B-27E5DCC9CF70 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:* (string)

matchCriteriaId : 4FD4237A-C257-4D8A-ABC4-9B2160530A4E (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:* (string)

matchCriteriaId : 5A449C87-C5C3-48FE-9E46-64ED5DD5F193 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:* (string)

matchCriteriaId : F4B6215F-76BF-473F-B325-0975B0EB101E (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x47:-:*:*:*:*:*:* (string)

matchCriteriaId : ABBEDB3F-5FD1-4290-A80A-7EAD9B9C38C4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:* (string)

matchCriteriaId : 181C0D30-4476-48EE-A4A4-3B2461F4AC20 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:* (string)

matchCriteriaId : 63F559A2-2744-4771-9420-C70AA87496A2 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:* (string)

matchCriteriaId : 223C12D0-61A0-4C12-8AFC-A0CB64759A31 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:* (string)

matchCriteriaId : 371A7DF8-3F4B-439D-8990-D1BC6F0C25C5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:* (string)

matchCriteriaId : 7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:* (string)

matchCriteriaId : C6F309FD-0A5A-4C86-B227-B2B511A5CEB4 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:* (string)

matchCriteriaId : 960059B5-0701-4B75-AB51-0A430247D9F0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:* (string)

matchCriteriaId : 1D1DCA52-DA81-495B-B516-5571F01E3B0A (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:* (string)

matchCriteriaId : 05E187F6-BACD-4DD5-B393-B2FE4349053A (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:* (string)

matchCriteriaId : 3C240840-A6BC-4E3D-A60D-22F08E67E2B2 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:* (string)

matchCriteriaId : AC1FED64-8725-4978-9EBF-E3CD8EF338E4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:13.1:-:*:*:*:*:*:* (string)

matchCriteriaId : 67B3BF03-9919-4C12-97A3-B20161725F35 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:13.1:r1:*:*:*:*:*:* (string)

matchCriteriaId : FCD4D8EB-8625-47CD-8F0E-D2FC8CAA5462 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:13.1:r2:*:*:*:*:*:* (string)

matchCriteriaId : A0150A4C-2C5A-49FC-8FB3-B93CB45B8284 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:juniper:junos:13.1:r3:*:*:*:*:*:* (string)

matchCriteriaId : BFEB7A59-7536-4A92-A9C8-79FDE657B8AB (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:juniper:junos:13.1:r4:*:*:*:*:*:* (string)

matchCriteriaId : AD9ADCD2-DC32-4724-8324-60246E8BC953 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:juniper:junos:13.1:r4-s2:*:*:*:*:*:* (string)

matchCriteriaId : 08BC545E-EBE1-45EB-9D1E-9CAEF52E7C6D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

6 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:13.2:-:*:*:*:*:*:* (string)

matchCriteriaId : 931D77A8-FA39-479E-91DB-CDDC9113252B (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:* (string)

matchCriteriaId : D3A0A607-7D3C-4F2A-B5F5-576A70649CB1 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:* (string)

matchCriteriaId : 32E9620A-7C0A-474C-919E-13609FFE580D (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:* (string)

matchCriteriaId : 672D3A38-92B4-4F33-82A6-B2D3F3403AF3 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:* (string)

matchCriteriaId : F5C24441-6E9D-4EF7-8903-A109A52340C0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:* (string)

matchCriteriaId : 7CB98C4F-617F-4F51-A86E-D1EBE2BDE583 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

7 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:13.3:-:*:*:*:*:*:* (string)

matchCriteriaId : FE2FBBA2-6185-463F-96D3-9AB2C778B4F4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:* (string)

matchCriteriaId : 3FF9FF91-9184-4D18-8288-9110E35F4AE5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:13.3:r10:*:*:*:*:*:* (string)

matchCriteriaId : CA058F8A-01BE-48EA-9E67-98FF069E78D5 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:* (string)

matchCriteriaId : 0F2E537B-9504-4912-B231-0D83F4459469 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:juniper:junos:13.3:r2-s2:*:*:*:*:*:* (string)

matchCriteriaId : 99A946CE-FFC7-4F16-82F4-795A6E5B84C2 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:* (string)

matchCriteriaId : 4BCB3837-DCBC-4997-B63E-E47957584709 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

8 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:14.1:-:*:*:*:*:*:* (string)

matchCriteriaId : 09571E75-0EA2-4775-B1AB-CB0A0998F6D1 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:* (string)

matchCriteriaId : 9C778627-820A-48F5-9680-0205D6DB5EB6 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:* (string)

matchCriteriaId : FA7F03DC-73A2-4760-B386-2A57E9C97E65 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

9 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:* (string)

matchCriteriaId : 6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

10 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:14.2:-:*:*:*:*:*:* (string)

matchCriteriaId : 7887DC05-BEBE-4D7C-8F7A-C1A70237EE4F (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

11 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:* (string)

matchCriteriaId : 285CD1E5-C6D3-470A-8556-653AFF74D0F3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1. (string)

}

1 : { »

lang : es (string)

value : Se presentan múltiples vulnerabilidades en el manejo de errores de Juniper Junos J-Web que pueden conllevar a problemas de tipo cross site scripting (XSS) o bloquear el servicio J-Web (DoS). Esto afecta a Juniper Junos OS versiones 12.1X44 anteriores a 12.1X44-D45, versiones 12.1X46 anteriores a 12.1X46-D30, versiones 12.1X47 anteriores a 12.1X47-D20, versiones 12.3 anteriores a 12.3R8, versiones 12.3X48 anteriores a 12.3X48-D10, versiones 13.1 anteriores a 13.1R5, versiones 13.2 anteriores a 13.2 R6, versiones 13.3 anteriores a 13.3R4, versiones 14.1 anteriores a 14.1R3, versiones 14.1X53 anteriores a 14.1X53-D10, versiones 14.2 anteriores a 14.2R1 y versiones 15.1 anteriores a 15.1R1. (string)

}

]

id : CVE-2014-6447 (string)

lastModified : 2024-11-21T02:14:24.100 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5.8 (number)

confidentialityImpact : NONE (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 4.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : LOW (string)

baseScore : 7.1 (number)

baseSeverity : HIGH (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : NONE (string)

scope : CHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 3.7 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-02-11T17:15:11.703 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682 (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1032846 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1032846 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-79 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object