Sign-up

ID

VAR-201504-0551


CVE

CVE-2015-3003


TITLE

Juniper Junos Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2015-002198

DESCRIPTION

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before 14.1R3, and 14.2 before 14.2R1 allows local users to gain privileges via crafted combinations of CLI commands and arguments. Juniper Junos is prone to multiple local privilege escalation vulnerabilities. Local attackers can exploit these issues to gain root privileges. Juniper Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware system. The operating system provides a secure programming interface and Junos SDK. A security vulnerability exists in Juniper Networks Junos. The following versions are affected: Juniper Networks Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, Version 13.2 before 13.2R6, version 13.3 before 13.3R5, version 14.1 before 14.1R3, version 14.2 before 14.2R1

Trust: 1.98

sources: NVD: CVE-2015-3003 // JVNDB: JVNDB-2015-002198 // BID: 74023 // VULHUB: VHN-80964

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:12.1x44

Trust: 1.9

vendor:junipermodel:junosscope:eqversion:14.2

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:13.3

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:14.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:13.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.3

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.1x47

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.1x46

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.1x45

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:12.3x48

Trust: 1.0

vendor:junipermodel:junos osscope:eqversion:12.1x44-d45

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.3r5

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.2r1

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.3

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1r3

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x46

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x44

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.3

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x47-d20

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.3x48

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.3r9

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.3x48-d10

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.2r6

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x47

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x46-d30

Trust: 0.8

vendor:junipermodel:junos 14.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos r8scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos r7scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos r6scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos r5scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos r4scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos r3scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos r2scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos r1scope:eqversion:12.3

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d11scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos d10scope:eqversion:12.1x47

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos d25scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos d20scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos d15scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos d10scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos -d10scope:eqversion:12.1x46

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d34scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d32scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d30.4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d20.3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos d40scope:eqversion:12.1x44

Trust: 0.3

vendor:junipermodel:junos d35scope:eqversion:12.1x44

Trust: 0.3

vendor:junipermodel:junos d30scope:eqversion:12.1x44

Trust: 0.3

vendor:junipermodel:junos d25scope:eqversion:12.1x44

Trust: 0.3

vendor:junipermodel:junos d20scope:eqversion:12.1x44

Trust: 0.3

vendor:junipermodel:junos d15scope:eqversion:12.1x44

Trust: 0.3

vendor:junipermodel:junos d10scope:eqversion:12.1x44

Trust: 0.3

vendor:junipermodel:junos 12.1r9scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r8-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r8-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r7-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r5.5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r11scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1r10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1rscope: - version: -

Trust: 0.3

vendor:junipermodel:junos r11scope:eqversion:12.1

Trust: 0.3

vendor:junipermodel:junosscope:eqversion:12.1

Trust: 0.3

vendor:junipermodel:junos 14.2r1scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 14.1r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 13.3r5scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 13.2r6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d10scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3r9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d20scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d30scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d45scope:neversion: -

Trust: 0.3

sources: BID: 74023 // JVNDB: JVNDB-2015-002198 // CNNVD: CNNVD-201504-181 // NVD: CVE-2015-3003

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3003
value: HIGH

Trust: 1.0

NVD: CVE-2015-3003
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201504-181
value: HIGH

Trust: 0.6

VULHUB: VHN-80964
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-3003
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-80964
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-80964 // JVNDB: JVNDB-2015-002198 // CNNVD: CNNVD-201504-181 // NVD: CVE-2015-3003

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-80964 // JVNDB: JVNDB-2015-002198 // NVD: CVE-2015-3003

THREAT TYPE

local

Trust: 0.9

sources: BID: 74023 // CNNVD: CNNVD-201504-181

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201504-181

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-002198

PATCH
title:JSA10674url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10674
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-002198

EXTERNAL IDS
db:NVDid:CVE-2015-3003
Trust: 2.8
db:JUNIPERid:JSA10674
Trust: 2.0
db:BIDid:74023
Trust: 1.4
db:SECTRACKid:1032092
Trust: 1.1
db:JVNDBid:JVNDB-2015-002198
Trust: 0.8
db:CNNVDid:CNNVD-201504-181
Trust: 0.7
db:VULHUBid:VHN-80964
Trust: 0.1
sources:
            
            
            VULHUB: VHN-80964 // 
            
            
            
            BID: 74023 // 
            
            
            
            JVNDB: JVNDB-2015-002198 // 
            
            
            
            CNNVD: CNNVD-201504-181 // 
            
            
            
            NVD: CVE-2015-3003

REFERENCES
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10674
Trust: 1.6
url:http://www.securityfocus.com/bid/74023
Trust: 1.1
url:http://www.securitytracker.com/id/1032092
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3003
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3003
Trust: 0.8
url:http://www.juniper.net
Trust: 0.3
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10674&cat=sirt_1&actp=list
Trust: 0.3
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10674
Trust: 0.1
sources:
            
            
            VULHUB: VHN-80964 // 
            
            
            
            BID: 74023 // 
            
            
            
            JVNDB: JVNDB-2015-002198 // 
            
            
            
            CNNVD: CNNVD-201504-181 // 
            
            
            
            NVD: CVE-2015-3003

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 74023

SOURCES
db:VULHUBid:VHN-80964
db:BIDid:74023
db:JVNDBid:JVNDB-2015-002198
db:CNNVDid:CNNVD-201504-181
db:NVDid:CVE-2015-3003

LAST UPDATE DATE
2025-04-13T23:41:21.283000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-80964date:2016-12-03T00:00:00
db:BIDid:74023date:2015-04-09T00:00:00
db:JVNDBid:JVNDB-2015-002198date:2015-04-14T00:00:00
db:CNNVDid:CNNVD-201504-181date:2015-04-14T00:00:00
db:NVDid:CVE-2015-3003date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-80964date:2015-04-10T00:00:00
db:BIDid:74023date:2015-04-09T00:00:00
db:JVNDBid:JVNDB-2015-002198date:2015-04-14T00:00:00
db:CNNVDid:CNNVD-201504-181date:2015-04-14T00:00:00
db:NVDid:CVE-2015-3003date:2015-04-10T15:00:07.943