CVE-2014-6447 (GCVE-0-2014-6447)
Vulnerability from cvelistv5
Published
2020-02-11 16:40
Modified
2024-08-06 12:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1.
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:24.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10682"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032846"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T16:40:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10682"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1032846"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10682",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10682"
},
{
"name": "http://www.securitytracker.com/id/1032846",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1032846"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6447",
"datePublished": "2020-02-11T16:40:15",
"dateReserved": "2014-09-17T00:00:00",
"dateUpdated": "2024-08-06T12:17:24.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-6447\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-02-11T17:15:11.703\",\"lastModified\":\"2024-11-21T02:14:24.100\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1.\"},{\"lang\":\"es\",\"value\":\"Se presentan m\u00faltiples vulnerabilidades en el manejo de errores de Juniper Junos J-Web que pueden conllevar a problemas de tipo cross site scripting (XSS) o bloquear el servicio J-Web (DoS). Esto afecta a Juniper Junos OS versiones 12.1X44 anteriores a 12.1X44-D45, versiones 12.1X46 anteriores a 12.1X46-D30, versiones 12.1X47 anteriores a 12.1X47-D20, versiones 12.3 anteriores a 12.3R8, versiones 12.3X48 anteriores a 12.3X48-D10, versiones 13.1 anteriores a 13.1R5, versiones 13.2 anteriores a 13.2 R6, versiones 13.3 anteriores a 13.3R4, versiones 14.1 anteriores a 14.1R3, versiones 14.1X53 anteriores a 14.1X53-D10, versiones 14.2 anteriores a 14.2R1 y versiones 15.1 anteriores a 15.1R1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"86141A33-344E-4152-8B76-2DB383954F02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC405A12-112D-4C9D-90DA-6ED484109793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FC42F2D-7593-4DBE-AE89-A6B78E7F9089\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"731A6469-3DE0-491A-BCC5-7642FB347ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12A8119-3E59-4062-9A04-1F6EA48B78E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B33B80-3189-4412-BFE0-359E755AB07A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0E8F87E-DEB2-4849-ABB5-75A67CFD2D39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDE231CE-0D93-4293-8720-4CCEE2EA651E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A71742CF-50B1-44BB-AB7B-27E5DCC9CF70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD4237A-C257-4D8A-ABC4-9B2160530A4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A449C87-C5C3-48FE-9E46-64ED5DD5F193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B6215F-76BF-473F-B325-0975B0EB101E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABBEDB3F-5FD1-4290-A80A-7EAD9B9C38C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"181C0D30-4476-48EE-A4A4-3B2461F4AC20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"63F559A2-2744-4771-9420-C70AA87496A2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"223C12D0-61A0-4C12-8AFC-A0CB64759A31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"371A7DF8-3F4B-439D-8990-D1BC6F0C25C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F309FD-0A5A-4C86-B227-B2B511A5CEB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"960059B5-0701-4B75-AB51-0A430247D9F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D1DCA52-DA81-495B-B516-5571F01E3B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"05E187F6-BACD-4DD5-B393-B2FE4349053A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C240840-A6BC-4E3D-A60D-22F08E67E2B2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC1FED64-8725-4978-9EBF-E3CD8EF338E4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"67B3BF03-9919-4C12-97A3-B20161725F35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCD4D8EB-8625-47CD-8F0E-D2FC8CAA5462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0150A4C-2C5A-49FC-8FB3-B93CB45B8284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFEB7A59-7536-4A92-A9C8-79FDE657B8AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD9ADCD2-DC32-4724-8324-60246E8BC953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:r4-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"08BC545E-EBE1-45EB-9D1E-9CAEF52E7C6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"931D77A8-FA39-479E-91DB-CDDC9113252B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3A0A607-7D3C-4F2A-B5F5-576A70649CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E9620A-7C0A-474C-919E-13609FFE580D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"672D3A38-92B4-4F33-82A6-B2D3F3403AF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5C24441-6E9D-4EF7-8903-A109A52340C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CB98C4F-617F-4F51-A86E-D1EBE2BDE583\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE2FBBA2-6185-463F-96D3-9AB2C778B4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FF9FF91-9184-4D18-8288-9110E35F4AE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r10:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA058F8A-01BE-48EA-9E67-98FF069E78D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F2E537B-9504-4912-B231-0D83F4459469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"99A946CE-FFC7-4F16-82F4-795A6E5B84C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BCB3837-DCBC-4997-B63E-E47957584709\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"09571E75-0EA2-4775-B1AB-CB0A0998F6D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C778627-820A-48F5-9680-0205D6DB5EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA7F03DC-73A2-4760-B386-2A57E9C97E65\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7887DC05-BEBE-4D7C-8F7A-C1A70237EE4F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"285CD1E5-C6D3-470A-8556-653AFF74D0F3\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10682\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032846\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10682\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032846\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…