CVE-2015-3002

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x44:x44
juniperjunos
12.1x45:x45
juniperjunos
12.1x45:x45
juniperjunos
12.1x45:x45
juniperjunos
12.1x45:x45
juniperjunos
12.1x45:x45
juniperjunos
12.1x46:x46
juniperjunos
12.1x46:x46
juniperjunos
12.1x46:x46
juniperjunos
12.1x46:x46
juniperjunos
12.1x46:x46
juniperjunos
12.1x47:x47
juniperjunos
12.1x47:x47
juniperjunos
12.1x48:x48
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/74019
http://www.securitytracker.com/id/1032091
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672
http://www.securityfocus.com/bid/74019
http://www.securitytracker.com/id/1032091
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672