CVE-2015-3002
Last modified
CVE-2015-3002 is a vulnerability of currently unknown severity. Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device.. EPSS estimates a 0.37% chance of exploitation in the next 30 days.
Description
Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 12.1x44 |
| Juniper | Junos | 12.1x45 |
| Juniper | Junos | 12.1x46 |
| Juniper | Junos | 12.1x47 |
| Juniper | Junos | 12.1x48 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-3002?
How severe is CVE-2015-3002?
How do I fix CVE-2015-3002?
Are you affected by CVE-2015-3002?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST