CVE-2013-6012 — Vulnetix

CVE-2013-6012 PUBLISHED CVSS 8.5 HIGH

Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit phase of the boot-up sequence, which allows remote attackers to bypass authentication via unspecified vectors.

EPSS 0.15% · 35.3th percentile

Risk Scores

CVSS 2.0

8.5

EPSS Score

0.15%

35.3th percentile

Affected Products

Vendor	Product	Versions
juniper	junos	12.1x44, 12.1x45
n/a	n/a	n/a

Exploit Intelligence

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10593 (circl)
63389 (circl)

Timeline

Oct 28, 2013 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 17, 2022 CVE Updated
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10596 advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10594 advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598 advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10595 advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10593 advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10593 url
63389 vdb
https://nvd.nist.gov/vuln/detail/CVE-2013-6012 advisory

Open in Interactive Console →