CVE-2014-6448

EUVD-2014-6327
Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Affected Products (NVD)
VendorProductVersion
juniperjunos
13.2
juniperjunos
13.2:r1
juniperjunos
13.2:r2
juniperjunos
13.2:r3
juniperjunos
13.2:r4
juniperjunos
13.2x51:x51
juniperjunos
13.2x52:x52
juniperjunos
13.3
juniperjunos
13.3:r1
juniperjunos
13.3:r2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10695
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10695