CVE-2014-6447

{"id": "CVE-2014-6447", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.8}]}, "published": "2020-02-11T17:15:11.703", "references": [{"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10682", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1032846", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1."}, {"lang": "es", "value": "Se presentan m\u00faltiples vulnerabilidades en el manejo de errores de Juniper Junos J-Web que pueden conllevar a problemas de tipo cross site scripting (XSS) o bloquear el servicio J-Web (DoS). Esto afecta a Juniper Junos OS versiones 12.1X44 anteriores a 12.1X44-D45, versiones 12.1X46 anteriores a 12.1X46-D30, versiones 12.1X47 anteriores a 12.1X47-D20, versiones 12.3 anteriores a 12.3R8, versiones 12.3X48 anteriores a 12.3X48-D10, versiones 13.1 anteriores a 13.1R5, versiones 13.2 anteriores a 13.2 R6, versiones 13.3 anteriores a 13.3R4, versiones 14.1 anteriores a 14.1R3, versiones 14.1X53 anteriores a 14.1X53-D10, versiones 14.2 anteriores a 14.2R1 y versiones 15.1 anteriores a 15.1R1."}], "lastModified": "2020-02-25T16:48:58.123", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x44:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86141A33-344E-4152-8B76-2DB383954F02"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC405A12-112D-4C9D-90DA-6ED484109793"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FC42F2D-7593-4DBE-AE89-A6B78E7F9089"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "731A6469-3DE0-491A-BCC5-7642FB347ACE"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D12A8119-3E59-4062-9A04-1F6EA48B78E9"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8B33B80-3189-4412-BFE0-359E755AB07A"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E8F87E-DEB2-4849-ABB5-75A67CFD2D39"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:d40:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDE231CE-0D93-4293-8720-4CCEE2EA651E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4B6215F-76BF-473F-B325-0975B0EB101E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x47:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABBEDB3F-5FD1-4290-A80A-7EAD9B9C38C4"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "181C0D30-4476-48EE-A4A4-3B2461F4AC20"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63F559A2-2744-4771-9420-C70AA87496A2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "223C12D0-61A0-4C12-8AFC-A0CB64759A31"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C240840-A6BC-4E3D-A60D-22F08E67E2B2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:13.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67B3BF03-9919-4C12-97A3-B20161725F35"}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCD4D8EB-8625-47CD-8F0E-D2FC8CAA5462"}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0150A4C-2C5A-49FC-8FB3-B93CB45B8284"}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFEB7A59-7536-4A92-A9C8-79FDE657B8AB"}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD9ADCD2-DC32-4724-8324-60246E8BC953"}, {"criteria": "cpe:2.3:o:juniper:junos:13.1:r4-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08BC545E-EBE1-45EB-9D1E-9CAEF52E7C6D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:13.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "931D77A8-FA39-479E-91DB-CDDC9113252B"}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3A0A607-7D3C-4F2A-B5F5-576A70649CB1"}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32E9620A-7C0A-474C-919E-13609FFE580D"}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "672D3A38-92B4-4F33-82A6-B2D3F3403AF3"}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5C24441-6E9D-4EF7-8903-A109A52340C0"}, {"criteria": "cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB98C4F-617F-4F51-A86E-D1EBE2BDE583"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:13.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE2FBBA2-6185-463F-96D3-9AB2C778B4F4"}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FF9FF91-9184-4D18-8288-9110E35F4AE5"}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA058F8A-01BE-48EA-9E67-98FF069E78D5"}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F2E537B-9504-4912-B231-0D83F4459469"}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99A946CE-FFC7-4F16-82F4-795A6E5B84C2"}, {"criteria": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BCB3837-DCBC-4997-B63E-E47957584709"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09571E75-0EA2-4775-B1AB-CB0A0998F6D1"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7887DC05-BEBE-4D7C-8F7A-C1A70237EE4F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "285CD1E5-C6D3-470A-8556-653AFF74D0F3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}