CVE-2015-3002

{"id": "CVE-2015-3002", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-04-10T15:00:07.117", "references": [{"url": "http://www.securityfocus.com/bid/74019", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1032091", "source": "cve@mitre.org"}, {"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/74019", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1032091", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-17"}]}], "descriptions": [{"lang": "en", "value": "Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device."}, {"lang": "es", "value": "Juniper Junos 12.1X44 anterior a 12.1X44-D45, 12.1X46 anterior a 12.1X46-D30, 12.1X47 anterior a 12.1X47-D15, y 12.3X48 anterior a 12.3X48-D10 en los dispositivos de la serie SRX no fuerza correctamente la caracter\u00edstica cerrar al desconectar cuando configurada en la estrofa [system port console], lo que permite a atacantes f\u00edsicamente pr\u00f3ximos reconectar con el puerto de la consola y ganar el acceso administrativo mediante el aprovechamiento del acceso al dispositivo."}], "lastModified": "2024-11-21T02:28:29.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC405A12-112D-4C9D-90DA-6ED484109793"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FC42F2D-7593-4DBE-AE89-A6B78E7F9089"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "731A6469-3DE0-491A-BCC5-7642FB347ACE"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D12A8119-3E59-4062-9A04-1F6EA48B78E9"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8B33B80-3189-4412-BFE0-359E755AB07A"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E8F87E-DEB2-4849-ABB5-75A67CFD2D39"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d40:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDE231CE-0D93-4293-8720-4CCEE2EA651E"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d45:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74253C79-C13F-4FBD-B173-8E87A62845DD"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x45:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5306185-574A-43B4-8B3B-1B047CA36D66"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x45:d15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79F1F205-A4A9-4161-B6CF-55CEEFD7D8D9"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x45:d20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33FD6DB0-F995-4A22-A97F-6276AFE9EFB4"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x45:d30:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A68EAA70-EC73-4C90-AC2A-391324E2C55C"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4B6215F-76BF-473F-B325-0975B0EB101E"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BB3DE56-1B04-4A53-B4A4-93286FC98463"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "181C0D30-4476-48EE-A4A4-3B2461F4AC20"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC51B5DB-B9F2-48B5-A64B-FB2EB5311EB0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC"}, {"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317"}, {"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30"}, {"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED"}, {"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321"}, {"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2"}, {"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D"}, {"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC"}, {"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801"}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"}, {"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}