Strix
26.1K

CVE-2016-1279

UnknownEPSS 2.86%

Last modified

CVE-2016-1279 is a vulnerability of currently unknown severity. J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors.. EPSS estimates a 2.86% chance of exploitation in the next 30 days.

Description

J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors.

Metrics

EPSS Probability
2.86%

85.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
JuniperJunos<= 12.1x46D40
JuniperJunos12.1x46D50
JuniperJunos12.1x47
JuniperJunos12.3
JuniperJunos12.3x48D10
JuniperJunos13.3
JuniperJunos14.1
JuniperJunos14.1x53
JuniperJunos14.2R1
JuniperJunos15.1A1
JuniperJunos15.1x49D10

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2016-1279?
J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors.
How severe is CVE-2016-1279?
Severity scoring for CVE-2016-1279 is pending analysis. The EPSS model estimates a 2.86% probability of exploitation in the next 30 days.
How do I fix CVE-2016-1279?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-1279?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST