CVE-2013-6618
Published Nov 5, 2013
Last updated 9 months ago
Overview
- Description
- jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87B7BB4C-BF3D-4E88-9422-816CB5ECE523", "versionEndIncluding": "10.4" }, { "criteria": "cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8FFDD73-F4A7-42BC-8CEF-4E7CC469CF28" }, { "criteria": "cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3546BA8D-CEA4-4C95-B18F-4AC112195008" }, { "criteria": "cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DC12ED6-463F-4576-80F4-E1B697B579B7" }, { "criteria": "cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37235C6B-B7B8-41EC-A1D2-336D8BAD9DBF" }, { "criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79" }, { "criteria": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B40B8FD6-A597-4845-8E8E-63EFDF606006" }, { "criteria": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FB9541A-2570-459A-87D6-5341C67B8EC8" }, { "criteria": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E014A0D-0054-4EBA-BA1F-035B74BD822F" } ], "operator": "OR" } ] } ]