CVE-2014-3412 : Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firew

Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.

Published 2014-05-20 14:55:06

Updated 2014-05-21 20:40:44

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2014-3412

Juniper » Junos Space »
Versions up to, including, (<=) 13.1
cpe:2.3:a:juniper:junos_space:*:-:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 12.2
cpe:2.3:a:juniper:junos_space:12.2:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 12.1
cpe:2.3:a:juniper:junos_space:12.1:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 1.3
cpe:2.3:a:juniper:junos_space:1.3:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 1.2
cpe:2.3:a:juniper:junos_space:1.2:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 2.0
cpe:2.3:a:juniper:junos_space:2.0:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 1.4
cpe:2.3:a:juniper:junos_space:1.4:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 11.2
cpe:2.3:a:juniper:junos_space:11.2:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 11.1
cpe:2.3:a:juniper:junos_space:11.1:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 11.4
cpe:2.3:a:juniper:junos_space:11.4:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 11.3
cpe:2.3:a:juniper:junos_space:11.3:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 1.1
cpe:2.3:a:juniper:junos_space:1.1:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 1.0
cpe:2.3:a:juniper:junos_space:1.0:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space » Version: 12.3
cpe:2.3:a:juniper:junos_space:12.3:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space Ja1500 Appliance » Version: N/A
cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:*:*:*:*:*:*:*
Matching versions
Juniper » Junos Space Ja2500 Appliance » Version: N/A
cpe:2.3:h:juniper:junos_space_ja2500_appliance:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-3412

EPSS FAQ

1.94%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 80 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-3412

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2014-3412

http://www.securitytracker.com/id/1030254

Juniper Junos Space Unspecified Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10626

Juniper Networks - 2014-05 Security Bulletin: Junos Space: Arbitrary command execution vulnerability (CVE-2014-3412)
Vendor Advisory
http://www.securityfocus.com/bid/67454

Juniper Junos Space CVE-2014-3412 Unspecified Remote Code Execution Vulnerability

Jump to

Vulnerability Details : CVE-2014-3412

Products affected by CVE-2014-3412

Exploit prediction scoring system (EPSS) score for CVE-2014-3412

CVSS scores for CVE-2014-3412

References for CVE-2014-3412