{ "id": "CVE-2015-3004", "sourceIdentifier": "cve@mitre.org", "published": "2015-04-10T15:00:08.693", "lastModified": "2016-12-03T03:07:51.727", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header." }, { "lang": "es", "value": "J-Web en Juniper Junos 11.4 anterior a 11.4R12, 12.1X44 anterior a 12.1X44-D35, 12.1X46 anterior a 12.1X46-D25, 12.1X47 anterior a 12.1X47-D10, 12.3X48 anterior a 12.3X48-D10, 12.2 anterior a 12.2R9, 12.3 anterior a 12.3R7, 13.2 anterior a 13.2R6, 13.2X51 anterior a 13.2X51-D20, 13.3 anterior a 13.3R5, 14.1 anterior a 14.1R3, 14.1X53 anterior a 14.1X53-D10, y 14.2 anterior a 14.2R1 permite a atacantes remotos realizar ataques de clickjacking a trav\u00e9s de una cabecera X-Frame-Options." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-20" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*", "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*", "matchCriteriaId": "AC405A12-112D-4C9D-90DA-6ED484109793" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*", "matchCriteriaId": "3FC42F2D-7593-4DBE-AE89-A6B78E7F9089" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*", "matchCriteriaId": "731A6469-3DE0-491A-BCC5-7642FB347ACE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*", "matchCriteriaId": "D12A8119-3E59-4062-9A04-1F6EA48B78E9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*", "matchCriteriaId": "E8B33B80-3189-4412-BFE0-359E755AB07A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*", "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*", "matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*", "matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*", "matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*", "matchCriteriaId": "0BB3DE56-1B04-4A53-B4A4-93286FC98463" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "5FB9541A-2570-459A-87D6-5341C67B8EC8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r1:*:*:*:*:*:*", "matchCriteriaId": "43B661F8-1F43-4073-9275-AE1FFCB17BF8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r2:*:*:*:*:*:*", "matchCriteriaId": "EF88921E-18E4-49B2-AAF4-ED8C393D4750" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r3:*:*:*:*:*:*", "matchCriteriaId": "144DA08B-A129-4DC6-81D2-782BD7C3074B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r4:*:*:*:*:*:*", "matchCriteriaId": "F1936A41-302E-4546-9F7A-CAE3A3C68718" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r5:*:*:*:*:*:*", "matchCriteriaId": "6EB55673-5857-452F-9D22-B422CC9CC3F3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r6:*:*:*:*:*:*", "matchCriteriaId": "03D4519D-1289-47E9-BFB7-E3831BFD50F6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r7:*:*:*:*:*:*", "matchCriteriaId": "77CDB10F-3BCE-41AF-B633-DFAC9B8A5D9F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r8:*:*:*:*:*:*", "matchCriteriaId": "B795A4AD-38A1-470B-86B2-872011C80DB3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.2:r8-s2:*:*:*:*:*:*", "matchCriteriaId": "A89F7B01-F83C-426B-A555-A553479CB0F3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*", "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*", "matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*", "matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*", "matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*", "matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*", "matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*", "matchCriteriaId": "7192552C-7D4A-4D95-BA79-CDF465E27D37" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAB7D840-9469-4CE2-8DBF-017A44741374" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*", "matchCriteriaId": "D3A0A607-7D3C-4F2A-B5F5-576A70649CB1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*", "matchCriteriaId": "32E9620A-7C0A-474C-919E-13609FFE580D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*", "matchCriteriaId": "672D3A38-92B4-4F33-82A6-B2D3F3403AF3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*", "matchCriteriaId": "F5C24441-6E9D-4EF7-8903-A109A52340C0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*", "matchCriteriaId": "7CB98C4F-617F-4F51-A86E-D1EBE2BDE583" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2x51:*:*:*:*:*:*:*", "matchCriteriaId": "8B73BE56-F298-4EC5-88A3-D9808B89B63B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2x51:d10:*:*:*:*:*:*", "matchCriteriaId": "62B55703-15BC-409B-ACF0-CD5671B9E372" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.2x51:d15:*:*:*:*:*:*", "matchCriteriaId": "3947A516-2054-48B3-ADFD-3CF88EC2288D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*", "matchCriteriaId": "E4AF5DAA-62F5-491F-A9CE-098970671D43" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*", "matchCriteriaId": "3FF9FF91-9184-4D18-8288-9110E35F4AE5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*", "matchCriteriaId": "0F2E537B-9504-4912-B231-0D83F4459469" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "99A946CE-FFC7-4F16-82F4-795A6E5B84C2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*", "matchCriteriaId": "4BCB3837-DCBC-4997-B63E-E47957584709" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:*", "matchCriteriaId": "6C88E2B1-469B-442B-9FC0-7C9408CE3917" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*", "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*", "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*", "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7" } ] } ] } ], "references": [ { "url": "http://www.securityfocus.com/bid/74017", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id/1032090", "source": "cve@mitre.org" }, { "url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] } ] }