Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2711

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-2711
Last Modified 08 Oct 2015 10:58:48
Published 14 Apr 2014 11:09:06
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2711

Summary

Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.2 before 12.2R7, 12.3 before 12.3R6, 13.1 before 13.1R4, 13.2 before 13.2R3, and 13.3 before 13.3R1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Operating System

  • Juniper Junos 11.4

  • Juniper Junos 11.4x27

  • Juniper Junos 12.1

  • Juniper Junos 12.1x44

  • Juniper Junos 12.1x45

  • Juniper Junos 12.1x46

  • Juniper Junos 12.2

  • Juniper Junos 12.3

  • Juniper Junos 13.1

  • Juniper Junos 13.2

  • Juniper Junos 13.3


References

CONFIRM - http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10619

SECTRACK - 1030061

BID - 66770


Last Updated: 27 May 2016 11:04:56