CVE-2015-7751

Published: Oct 19, 2015Modified: May 6, 2026

6.9

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 3.4 / Impact: 10.0

Source: NVD

Description

Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D105, 14.1X51 before 14.1X51-D70, 14.1X53 before 14.1X53-D25, 14.1X55 before 14.1X55-D20, 14.2 before 14.2R1, 15.1 before 15.1F2 or 15.1R1, and 15.1X49 before 15.1X49-D10 does not require a password for the root user when pam.conf is "corrupted," which allows local users to gain root privileges by modifying the file.

Affected (54)

Products: Juniper: Junos

Juniper

1 product

Junos

Configuration A

54 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos	Up to 12.1x44
Juniper Junos	Version 12.1x46
Juniper Junos	Version 12.1x46 d10
Juniper Junos	Version 12.1x46 d15
Juniper Junos	Version 12.1x46 d20
Juniper Junos	Version 12.1x46 d25
Juniper Junos	Version 12.1x46 d30
Juniper Junos	Version 12.1x47
Juniper Junos	Version 12.1x47 d10
Juniper Junos	Version 12.1x47 d15
Juniper Junos	Version 12.1x47 d20
Juniper Junos	Version 12.3
Juniper Junos	Version 12.3 r1
Juniper Junos	Version 12.3 r2
Juniper Junos	Version 12.3 r3
Juniper Junos	Version 12.3 r4
Juniper Junos	Version 12.3 r5
Juniper Junos	Version 12.3 r6
Juniper Junos	Version 12.3 r7
Juniper Junos	Version 12.3 r8
Juniper Junos	Version 12.3x48
Juniper Junos	Version 12.3x48 d10
Juniper Junos	Version 12.3x48 d5
Juniper Junos	Version 13.2
Juniper Junos	Version 13.2 r1
Juniper Junos	Version 13.2 r2
Juniper Junos	Version 13.2 r3
Juniper Junos	Version 13.2 r4
Juniper Junos	Version 13.2 r5
Juniper Junos	Version 13.2 r6
Juniper Junos	Version 13.2x51
Juniper Junos	Version 13.2x51 d10
Juniper Junos	Version 13.2x51 d15
Juniper Junos	Version 13.2x51 d20
Juniper Junos	Version 13.2x51 d25
Juniper Junos	Version 13.3
Juniper Junos	Version 13.3 r1
Juniper Junos	Version 13.3 r2
Juniper Junos	Version 13.3 r3
Juniper Junos	Version 13.3 r4
Juniper Junos	Version 13.3 r5
Juniper Junos	Version 14.1
Juniper Junos	Version 14.1 r1
Juniper Junos	Version 14.1 r2
Juniper Junos	Version 14.1 r3
Juniper Junos	Version 14.1 r4
Juniper Junos	Version 14.1x50
Juniper Junos	Version 14.1x51
Juniper Junos	Version 14.1x53
Juniper Junos	Version 14.1x55
Juniper Junos	Version 14.2
Juniper Junos	Version 15.1
Juniper Junos	Version 15.1 r1
Juniper Junos	Version 15.1x49

Related CWEs

CWE-264

References (4)

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10707

Source: cve@mitre.org

Vendor Advisory

http://www.securitytracker.com/id/1033817

Source: cve@mitre.org

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10707

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1033817

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.