Vulnerability Database

296,746

Total vulnerabilities in the database

CVE-2013-6012

Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit phase of the boot-up sequence, which allows remote attackers to bypass authentication via unspecified vectors.

Published: Oct 28, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-6012
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
juniper / junos	12.1x45	12.1x45.x
juniper / junos	12.1x44	12.1x44.x

http://www.securityfocus.com/bid/63389
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10593

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo