Vulnerability-Lookup

CVE-2013-6618 (GCVE-0-2013-6618)

Vulnerability from cvelistv5 – Published: 2013-11-05 20:00 – Updated: 2024-08-06 17:46

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.senseofsecurity.com.au/advisories/SOS-13-003	x_refsource_MISC
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	http://www.exploit-db.com/exploits/29544	exploitx_refsource_EXPLOIT-DB
	http://secunia.com/advisories/54731	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/62305	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id/1029016	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:46:22.170Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
          },
          {
            "name": "29544",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/29544"
          },
          {
            "name": "54731",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54731"
          },
          {
            "name": "62305",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/62305"
          },
          {
            "name": "juniper-port-command-execution(87011)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
          },
          {
            "name": "1029016",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029016"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
        },
        {
          "name": "29544",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/29544"
        },
        {
          "name": "54731",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54731"
        },
        {
          "name": "62305",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/62305"
        },
        {
          "name": "juniper-port-command-execution(87011)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
        },
        {
          "name": "1029016",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029016"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-6618",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.senseofsecurity.com.au/advisories/SOS-13-003",
              "refsource": "MISC",
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
            },
            {
              "name": "29544",
              "refsource": "EXPLOIT-DB",
              "url": "http://www.exploit-db.com/exploits/29544"
            },
            {
              "name": "54731",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54731"
            },
            {
              "name": "62305",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/62305"
            },
            {
              "name": "juniper-port-command-execution(87011)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
            },
            {
              "name": "1029016",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029016"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-6618",
    "datePublished": "2013-11-05T20:00:00",
    "dateReserved": "2013-11-05T00:00:00",
    "dateUpdated": "2024-08-06T17:46:22.170Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.4\", \"matchCriteriaId\": \"87B7BB4C-BF3D-4E88-9422-816CB5ECE523\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8FFDD73-F4A7-42BC-8CEF-4E7CC469CF28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3546BA8D-CEA4-4C95-B18F-4AC112195008\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC12ED6-463F-4576-80F4-E1B697B579B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37235C6B-B7B8-41EC-A1D2-336D8BAD9DBF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41543223-0FA9-4CBE-8DEC-717CE5FFED79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40B8FD6-A597-4845-8E8E-63EFDF606006\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FB9541A-2570-459A-87D6-5341C67B8EC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E014A0D-0054-4EBA-BA1F-035B74BD822F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.\"}, {\"lang\": \"es\", \"value\": \"jsdm / ajax / port.php de J-Web en Juniper Junos anterior 10.4R13, 11.4 anterior a 11.4R, 12,.1 anterior a 12.1R5  anterior a 12.2R3 y 12.3 antes 12.3R1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\\u00e9s del par\\u00e1metro rsargs en una acci\\u00f3n exec.\"}]",
      "id": "CVE-2013-6618",
      "lastModified": "2024-11-21T01:59:22.550",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-11-05T20:55:30.243",
      "references": "[{\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/54731\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.exploit-db.com/exploits/29544\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/62305\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securitytracker.com/id/1029016\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.senseofsecurity.com.au/advisories/SOS-13-003\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"URL Repurposed\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/87011\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/54731\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.exploit-db.com/exploits/29544\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/62305\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securitytracker.com/id/1029016\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.senseofsecurity.com.au/advisories/SOS-13-003\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"URL Repurposed\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/87011\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-6618\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-11-05T20:55:30.243\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.\"},{\"lang\":\"es\",\"value\":\"jsdm / ajax / port.php de J-Web en Juniper Junos anterior 10.4R13, 11.4 anterior a 11.4R, 12,.1 anterior a 12.1R5  anterior a 12.2R3 y 12.3 antes 12.3R1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\u00e9s del par\u00e1metro rsargs en una acci\u00f3n exec.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.4\",\"matchCriteriaId\":\"87B7BB4C-BF3D-4E88-9422-816CB5ECE523\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8FFDD73-F4A7-42BC-8CEF-4E7CC469CF28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3546BA8D-CEA4-4C95-B18F-4AC112195008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC12ED6-463F-4576-80F4-E1B697B579B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37235C6B-B7B8-41EC-A1D2-336D8BAD9DBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41543223-0FA9-4CBE-8DEC-717CE5FFED79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40B8FD6-A597-4845-8E8E-63EFDF606006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FB9541A-2570-459A-87D6-5341C67B8EC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E014A0D-0054-4EBA-BA1F-035B74BD822F\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/54731\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/29544\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/62305\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id/1029016\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.senseofsecurity.com.au/advisories/SOS-13-003\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"URL Repurposed\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/87011\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/54731\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/29544\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/62305\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securitytracker.com/id/1029016\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.senseofsecurity.com.au/advisories/SOS-13-003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"URL Repurposed\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/87011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2013-6618

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-6618

Aliases

CVE-2013-6618

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-6618",
    "description": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.",
    "id": "GSD-2013-6618"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-6618"
      ],
      "details": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.",
      "id": "GSD-2013-6618",
      "modified": "2023-12-13T01:22:18.997068Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2013-6618",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.senseofsecurity.com.au/advisories/SOS-13-003",
            "refsource": "MISC",
            "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
          },
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
          },
          {
            "name": "29544",
            "refsource": "EXPLOIT-DB",
            "url": "http://www.exploit-db.com/exploits/29544"
          },
          {
            "name": "54731",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/54731"
          },
          {
            "name": "62305",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/62305"
          },
          {
            "name": "juniper-port-command-execution(87011)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
          },
          {
            "name": "1029016",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1029016"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-6618"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
            },
            {
              "name": "54731",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/54731"
            },
            {
              "name": "http://www.senseofsecurity.com.au/advisories/SOS-13-003",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
            },
            {
              "name": "1029016",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1029016"
            },
            {
              "name": "62305",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/62305"
            },
            {
              "name": "29544",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "http://www.exploit-db.com/exploits/29544"
            },
            {
              "name": "juniper-port-command-execution(87011)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-29T01:33Z",
      "publishedDate": "2013-11-05T20:55Z"
    }
  }
}

FKIE_CVE-2013-6618

Vulnerability from fkie_nvd - Published: 2013-11-05 20:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10560	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/54731	Vendor Advisory
cve@mitre.org	http://www.exploit-db.com/exploits/29544
cve@mitre.org	http://www.securityfocus.com/bid/62305	Exploit
cve@mitre.org	http://www.securitytracker.com/id/1029016
cve@mitre.org	http://www.senseofsecurity.com.au/advisories/SOS-13-003	Exploit, URL Repurposed
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/87011
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10560	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/54731	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.exploit-db.com/exploits/29544
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/62305	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1029016
af854a3a-2127-422b-91ae-364da2661108	http://www.senseofsecurity.com.au/advisories/SOS-13-003	Exploit, URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/87011

Impacted products

Vendor	Product	Version
juniper	junos	*
juniper	junos	10.0
juniper	junos	10.1
juniper	junos	10.2
juniper	junos	10.3
juniper	junos	11.4
juniper	junos	12.1
juniper	junos	12.2
juniper	junos	12.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87B7BB4C-BF3D-4E88-9422-816CB5ECE523",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8FFDD73-F4A7-42BC-8CEF-4E7CC469CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3546BA8D-CEA4-4C95-B18F-4AC112195008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DC12ED6-463F-4576-80F4-E1B697B579B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "37235C6B-B7B8-41EC-A1D2-336D8BAD9DBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40B8FD6-A597-4845-8E8E-63EFDF606006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FB9541A-2570-459A-87D6-5341C67B8EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E014A0D-0054-4EBA-BA1F-035B74BD822F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action."
    },
    {
      "lang": "es",
      "value": "jsdm / ajax / port.php de J-Web en Juniper Junos anterior 10.4R13, 11.4 anterior a 11.4R, 12,.1 anterior a 12.1R5  anterior a 12.2R3 y 12.3 antes 12.3R1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\u00e9s del par\u00e1metro rsargs en una acci\u00f3n exec."
    }
  ],
  "id": "CVE-2013-6618",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-05T20:55:30.243",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54731"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.exploit-db.com/exploits/29544"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/62305"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1029016"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/54731"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.exploit-db.com/exploits/29544"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/62305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "URL Repurposed"
      ],
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6GHQ-FC75-Q46Q

Vulnerability from github – Published: 2022-05-17 01:30 – Updated: 2022-05-17 01:30

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-6618"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-11-05T20:55:00Z",
    "severity": "HIGH"
  },
  "details": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.",
  "id": "GHSA-6ghq-fc75-q46q",
  "modified": "2022-05-17T01:30:28Z",
  "published": "2022-05-17T01:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6618"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10560"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/54731"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/29544"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/62305"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1029016"
    },
    {
      "type": "WEB",
      "url": "http://www.senseofsecurity.com.au/advisories/SOS-13-003"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201311-0339

Vulnerability from variot - Updated: 2024-02-14 23:10

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action. Juniper Junos is prone to a privilege-escalation vulnerability. An attacker can exploit this vulnerability to execute arbitrary code with elevated privileges. Versions prior to Juniper Junos 10.4R13 are vulnerable. Juniper Networks Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware system. The operating system provides a secure programming interface and Junos SDK. J-Web is a network management tool for routers or switches using Junos

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201311-0339",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "10.3"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "12.3"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "12.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "10.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "11.4"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "10.2"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "10.0"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "12.2"
      },
      {
        "model": "junos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "10.4"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.3"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.2"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1"
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "11.4r7"
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1r5"
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.3r1"
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.2r3"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "11.4"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "10.4"
      },
      {
        "model": "networks junos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "10.4"
      },
      {
        "model": "networks junos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "10.3"
      },
      {
        "model": "networks junos 10.2r3",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "networks junos 10.2r2",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "networks junos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "10.2"
      },
      {
        "model": "networks junos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "10.1"
      },
      {
        "model": "networks junos 10.0s18",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "networks junos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "10.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "62305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Phil of Sense of Security",
    "sources": [
      {
        "db": "BID",
        "id": "62305"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-6618",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2013-6618",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-66620",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2013-6618",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201309-140",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-66620",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action. Juniper Junos is prone to a privilege-escalation vulnerability. \nAn attacker can exploit this vulnerability to execute arbitrary code with elevated privileges. \nVersions prior to Juniper Junos 10.4R13 are vulnerable. Juniper Networks Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company\u0027s hardware system. The operating system provides a secure programming interface and Junos SDK. J-Web is a network management tool for routers or switches using Junos",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "db": "BID",
        "id": "62305"
      },
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      }
    ],
    "trust": 1.98
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-66620",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-6618",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "62305",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1029016",
        "trust": 1.7
      },
      {
        "db": "JUNIPER",
        "id": "JSA10560",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "54731",
        "trust": 1.7
      },
      {
        "db": "EXPLOIT-DB",
        "id": "29544",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "87011",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-83037",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-66620",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      },
      {
        "db": "BID",
        "id": "62305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "id": "VAR-201311-0339",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      }
    ],
    "trust": 0.38947368000000004
  },
  "last_update_date": "2024-02-14T23:10:01.500000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10560",
        "trust": 0.8,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10560"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/62305"
      },
      {
        "trust": 1.7,
        "url": "http://www.senseofsecurity.com.au/advisories/sos-13-003"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1029016"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/54731"
      },
      {
        "trust": 1.6,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10560"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/29544"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87011"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6618"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6618"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/87011"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.1,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10560"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      },
      {
        "db": "BID",
        "id": "62305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-66620"
      },
      {
        "db": "BID",
        "id": "62305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-11-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-66620"
      },
      {
        "date": "2013-09-10T00:00:00",
        "db": "BID",
        "id": "62305"
      },
      {
        "date": "2013-11-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "date": "2013-09-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      },
      {
        "date": "2013-11-05T20:55:30.243000",
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-66620"
      },
      {
        "date": "2014-10-10T00:03:00",
        "db": "BID",
        "id": "62305"
      },
      {
        "date": "2013-11-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      },
      {
        "date": "2013-11-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      },
      {
        "date": "2024-02-14T01:17:43.863000",
        "db": "NVD",
        "id": "CVE-2013-6618"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Junos of  J-Web of  jsdm/ajax/port.php Vulnerable to arbitrary command execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-005031"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201309-140"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-6618 (GCVE-0-2013-6618)

GSD-2013-6618

FKIE_CVE-2013-6618

GHSA-6GHQ-FC75-Q46Q

VAR-201311-0339

Tags

Sightings

Nomenclature