| CVE-2015-3002 | Date: (C)2015-04-14 (M)2023-12-22 |
Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V2 Severity: |
| CVSS Score : 6.9 |
| Exploit Score: 3.4 |
| Impact Score: 10.0 |
| |
| CVSS V2 Metrics: |
| Access Vector: LOCAL |
| Access Complexity: MEDIUM |
| Authentication: NONE |
| Confidentiality: COMPLETE |
| Integrity: COMPLETE |
| Availability: COMPLETE |
| | |
