Vulnerability Details CVE-2015-3005
Cross-site scripting (XSS) vulnerability in the Dynamic VPN in Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, and 12.3X48 before 12.3X48-D10 on SRX series devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.8%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2015-3005
-
cpe:2.3:h:juniper:srx100:-
-
cpe:2.3:h:juniper:srx110:-
-
cpe:2.3:h:juniper:srx1400:-
-
cpe:2.3:h:juniper:srx210:-
-
cpe:2.3:h:juniper:srx220:-
-
cpe:2.3:h:juniper:srx240:-
-
cpe:2.3:h:juniper:srx3400:-
-
cpe:2.3:h:juniper:srx3600:-
-
cpe:2.3:h:juniper:srx550:-
-
cpe:2.3:h:juniper:srx5600:-
-
cpe:2.3:h:juniper:srx5800:-
-
cpe:2.3:h:juniper:srx650:-
-
cpe:2.3:o:juniper:junos:12.1x44
-
cpe:2.3:o:juniper:junos:12.1x46
-
cpe:2.3:o:juniper:junos:12.1x47
-
cpe:2.3:o:juniper:junos:12.1x48