CVE-2014-3413

EUVD-2014-3426
The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
juniperjunos_space
13.3:r1.1
juniperjunos_space
13.3:r1.2
juniperjunos_space
13.3:r1.3
juniperjunos_space
13.3:r1.4
juniperjunos_space
13.3:r1.5
juniperjunos_space
13.3:r1.6
juniperjunos_space
13.3:r1.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10627
https://www.tenable.com/security/research/tra-2014-01
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10627
https://www.tenable.com/security/research/tra-2014-01