VDB
CVE-2014-6384
CVE-2014-6384
PUBLISHED
CVSS 6.900000095367432 MEDIUM
Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D15, 12.3 before 12.3R9, 13.1 before 13.1R4-S3, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before 14.1R3, and 14.2 before 14.2R1 does not properly handle double quotes in authorization attributes in the TACACS+ configuration, which allows local users to bypass the security policy and execute commands via unspecified vectors.
EPSS 0.05% · 16.2th percentile
Risk Scores
CVSS 2.0
6.900000095367432
EPSS Score
0.05%
16.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| juniper | junos | 12.1x44, 12.1x44, 12.1x44 |
Timeline
- Jan 15, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10664 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10670 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10667 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10669 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10665 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10666 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10668 advisory
- 1031547 vdb
- 72077 vdb
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10667 url
- https://nvd.nist.gov/vuln/detail/CVE-2014-6384 advisory