CVE-2013-6618

high

Description

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/87011

http://www.securitytracker.com/id/1029016

http://www.exploit-db.com/exploits/29544

http://secunia.com/advisories/54731

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10560

Details

Source: Mitre, NVD

Published: 2013-11-05

Updated: 2024-02-14

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High