CVE-2014-3821
Juniper JunOS 9.x Cross Site Scripting
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Cross-site scripting (XSS) vulnerability in SRX Web Authentication (webauth) in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vulnerabilidad de XSS en SRX Web Authentication (webauth) en Juniper Junos 11.4 anterior a 11.4R11, 12.1X44 anterior a 12.1X44-D34, 12.1X45 anterior a 12.1X45-D25, 12.1X46 anterior a 12.1X46-D20 y 12.1X47 anterior a 12.1X47-D10 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados.
Juniper JunOS version 9.x suffers from a html injection vulnerability that allows for cross site scripting attacks.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-07-24 CVE Published
- 2013-07-24 First Exploit
- 2014-05-21 CVE Reserved
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/68548 | Vdb Entry | |
| http://www.securitytracker.com/id/1030563 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/122532 | 2013-07-24 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10640 | 2014-07-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 11.4 Search vendor "Juniper" for product "Junos" and version "11.4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.1x44 Search vendor "Juniper" for product "Junos" and version "12.1x44" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.1x45 Search vendor "Juniper" for product "Junos" and version "12.1x45" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.1x46 Search vendor "Juniper" for product "Junos" and version "12.1x46" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.1x47 Search vendor "Juniper" for product "Junos" and version "12.1x47" | - |
Affected
| ||||||