Vulnerability Details : CVE-2014-3816
Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3 before 12.3R7, 13.1 before 13.1R4-S2, 13.2 before 13.2R5, 13.3 before 13.3R2-S2, and 14.1 before 14.1R1 allows remote authenticated users to gain privileges via unspecified combinations of CLI commands and arguments.
Products affected by CVE-2014-3816
- cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:13.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3816
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3816
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
CWE ids for CVE-2014-3816
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3816
-
http://www.securitytracker.com/id/1030559
Juniper Junos Unspecified Command Line Interface Flaw Lets Local Users Gain Root Privileges - SecurityTracker
-
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10634
Juniper Networks - 2014-07 Security Bulletin: Junos: Multiple privilege escalation vulnerabilities in Junos CLI (CVE-2014-3816)Vendor Advisory
Jump to