Vulnerability Details : CVE-2014-3411
Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors.
Vulnerability category: Execute code
Products affected by CVE-2014-3411
- cpe:2.3:a:juniper:network_and_security_manager_software:*:r7:*:*:*:*:*:*
- cpe:2.3:a:juniper:network_and_security_manager_software:2012.2:r4:*:*:*:*:*:*
- cpe:2.3:a:juniper:network_and_security_manager_software:2012.2:r3:*:*:*:*:*:*
- cpe:2.3:a:juniper:network_and_security_manager_software:2012.2:-:*:*:*:*:*:*
- cpe:2.3:a:juniper:network_and_security_manager_software:2012.2:r2:*:*:*:*:*:*
- cpe:2.3:a:juniper:network_and_security_manager_software:2012.2:r1:*:*:*:*:*:*
- cpe:2.3:a:juniper:network_and_security_manager_software:2012.2:r6:*:*:*:*:*:*
- cpe:2.3:a:juniper:network_and_security_manager_software:2012.2:r5:*:*:*:*:*:*
- cpe:2.3:h:juniper:nsm3000:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:nsmexpress:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3411
43.94%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3411
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2014-3411
-
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10625
Juniper Networks - 2014-05 Security Bulletin: NSM: Remote code execution vulnerability (CVE-2014-3411)Vendor Advisory
-
http://www.securitytracker.com/id/1030253
Juniper NSM XDB Service Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.securityfocus.com/bid/67445
Juniper Network and Security Manager CVE-2014-3411 Remote Code Execution Vulnerability
Jump to