NVD

Id
24951  
Name
CVE-2015-3007  
Description
The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console insecure" feature, which allows physically proximate attackers to gain administrative privileges by leveraging access to the console port.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2015-07-14  
Modified Date
2015-07-15  
Seq
2015-3007  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
131565 24951 CVE-2015-3007 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10683  View
131566 24951 CVE-2015-3007 1032841  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
8319 JVNDB-2015-003639 Juniper SRX シリーズサービスゲートウェイの Junos OS における管理者権限を取得される脆弱性 Juniper SRX シリーズサービスゲートウェイの Junos OS は、"set system ports console insecure" 機能を適切に実装しないため、管理者権限を取得される脆弱性が存在します。 CVE-2015-3007 80232 CVE-2015-3007 24951 7.2 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-003639.html 2015-07-08 2015-07-17 View