FKIE_CVE-2015-3004

Vulnerability from fkie_nvd - Published: 2015-04-10 15:00 - Updated: 2025-04-12 10:46
Severity ?
Summary
J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header.
References
cve@mitre.orghttp://www.securityfocus.com/bid/74017
cve@mitre.orghttp://www.securitytracker.com/id/1032090
cve@mitre.orghttps://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/74017
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032090
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675Vendor Advisory
Impacted products
Vendor Product Version
juniper junos 12.1x44
juniper junos 12.1x44
juniper junos 12.1x44
juniper junos 12.1x44
juniper junos 12.1x44
juniper junos 12.1x44
juniper junos 12.1x46
juniper junos 12.1x46
juniper junos 12.1x46
juniper junos 12.1x46
juniper junos 12.1x47
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.2
juniper junos 12.3
juniper junos 12.3
juniper junos 12.3
juniper junos 12.3
juniper junos 12.3
juniper junos 12.3
juniper junos 12.3x48
juniper junos 13.2
juniper junos 13.2
juniper junos 13.2
juniper junos 13.2
juniper junos 13.2
juniper junos 13.2
juniper junos 13.2x51
juniper junos 13.2x51
juniper junos 13.2x51
juniper junos 13.3
juniper junos 13.3
juniper junos 13.3
juniper junos 13.3
juniper junos 13.3
juniper junos 13.3
juniper junos 14.1
juniper junos 14.1
juniper junos 14.1
juniper junos 14.1x53
juniper junos 14.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d10:*:*:*:*:*:*",
              "matchCriteriaId": "AC405A12-112D-4C9D-90DA-6ED484109793",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d15:*:*:*:*:*:*",
              "matchCriteriaId": "3FC42F2D-7593-4DBE-AE89-A6B78E7F9089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d20:*:*:*:*:*:*",
              "matchCriteriaId": "731A6469-3DE0-491A-BCC5-7642FB347ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d25:*:*:*:*:*:*",
              "matchCriteriaId": "D12A8119-3E59-4062-9A04-1F6EA48B78E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:d30:*:*:*:*:*:*",
              "matchCriteriaId": "E8B33B80-3189-4412-BFE0-359E755AB07A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*",
              "matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*",
              "matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB3DE56-1B04-4A53-B4A4-93286FC98463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FB9541A-2570-459A-87D6-5341C67B8EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "43B661F8-1F43-4073-9275-AE1FFCB17BF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "EF88921E-18E4-49B2-AAF4-ED8C393D4750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "144DA08B-A129-4DC6-81D2-782BD7C3074B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F1936A41-302E-4546-9F7A-CAE3A3C68718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r5:*:*:*:*:*:*",
              "matchCriteriaId": "6EB55673-5857-452F-9D22-B422CC9CC3F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r6:*:*:*:*:*:*",
              "matchCriteriaId": "03D4519D-1289-47E9-BFB7-E3831BFD50F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r7:*:*:*:*:*:*",
              "matchCriteriaId": "77CDB10F-3BCE-41AF-B633-DFAC9B8A5D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r8:*:*:*:*:*:*",
              "matchCriteriaId": "B795A4AD-38A1-470B-86B2-872011C80DB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:r8-s2:*:*:*:*:*:*",
              "matchCriteriaId": "A89F7B01-F83C-426B-A555-A553479CB0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
              "matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*",
              "matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*",
              "matchCriteriaId": "7192552C-7D4A-4D95-BA79-CDF465E27D37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAB7D840-9469-4CE2-8DBF-017A44741374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D3A0A607-7D3C-4F2A-B5F5-576A70649CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "32E9620A-7C0A-474C-919E-13609FFE580D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "672D3A38-92B4-4F33-82A6-B2D3F3403AF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*",
              "matchCriteriaId": "F5C24441-6E9D-4EF7-8903-A109A52340C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*",
              "matchCriteriaId": "7CB98C4F-617F-4F51-A86E-D1EBE2BDE583",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2x51:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B73BE56-F298-4EC5-88A3-D9808B89B63B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2x51:d10:*:*:*:*:*:*",
              "matchCriteriaId": "62B55703-15BC-409B-ACF0-CD5671B9E372",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2x51:d15:*:*:*:*:*:*",
              "matchCriteriaId": "3947A516-2054-48B3-ADFD-3CF88EC2288D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AF5DAA-62F5-491F-A9CE-098970671D43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "3FF9FF91-9184-4D18-8288-9110E35F4AE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "0F2E537B-9504-4912-B231-0D83F4459469",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "99A946CE-FFC7-4F16-82F4-795A6E5B84C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "4BCB3837-DCBC-4997-B63E-E47957584709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "6C88E2B1-469B-442B-9FC0-7C9408CE3917",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header."
    },
    {
      "lang": "es",
      "value": "J-Web en Juniper Junos 11.4 anterior a 11.4R12, 12.1X44 anterior a 12.1X44-D35, 12.1X46 anterior a 12.1X46-D25, 12.1X47 anterior a 12.1X47-D10, 12.3X48 anterior a 12.3X48-D10, 12.2 anterior a 12.2R9, 12.3 anterior a 12.3R7, 13.2 anterior a 13.2R6, 13.2X51 anterior a 13.2X51-D20, 13.3 anterior a 13.3R5, 14.1 anterior a 14.1R3, 14.1X53 anterior a 14.1X53-D10, y 14.2 anterior a 14.2R1 permite a atacantes remotos realizar ataques de clickjacking a trav\u00e9s de una cabecera X-Frame-Options."
    }
  ],
  "id": "CVE-2015-3004",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-04-10T15:00:08.693",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/74017"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1032090"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/74017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10675"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.