CVE-2015-3005

Published: Apr 10, 2015Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the Dynamic VPN in Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, and 12.3X48 before 12.3X48-D10 on SRX series devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (16)

Products: Juniper: Junos

Juniper

1 product

Junos

Configuration A

16 vulnerable · 12 platform

Vulnerable Software	Affected Versions
Juniper Junos	Version 12.1x44
Juniper Junos	Version 12.1x44 d10
Juniper Junos	Version 12.1x44 d15
Juniper Junos	Version 12.1x44 d20
Juniper Junos	Version 12.1x44 d25
Juniper Junos	Version 12.1x44 d30
Juniper Junos	Version 12.1x44 d35
Juniper Junos	Version 12.1x44 d40
Juniper Junos	Version 12.1x46
Juniper Junos	Version 12.1x46 d10
Juniper Junos	Version 12.1x46 d15
Juniper Junos	Version 12.1x46 d20
Juniper Junos	Version 12.1x46 d25
Juniper Junos	Version 12.1x47
Juniper Junos	Version 12.1x47 d10
Juniper Junos	Version 12.1x48

Running on/with	Platform Versions
Juniper Srx100	All versions
Juniper Srx110	All versions
Juniper Srx1400	All versions
Juniper Srx210	All versions
Juniper Srx220	All versions
Juniper Srx240	All versions
Juniper Srx3400	All versions
Juniper Srx3600	All versions
Juniper Srx550	All versions
Juniper Srx5600	All versions
Juniper Srx5800	All versions
Juniper Srx650	All versions