CVE-2015-3007
Description
The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the set system ports console insecure feature, which allows physically proximate attackers to gain administrative privileges by leveraging access to the console port.
Risk Information
Base Score
6.8
MODERATE
Vector
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.041
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are fixed in junos 12.1x46-d35 | NCM |
| Multiple Vulnerabilities are fixed in junos 12.1x47-d25 | NCM |
| Vulnerabilities CVE-2015-3007,CVE-2015-5358,CVE-2015-5363 are fixed in junos 12.3x48-d15 | NCM |
| Improper Access Control Vulnerability (CVE-2015-3007) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234