How severe is CVE-2016-4924?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2016-4924?

This is classified as CWE-275, which is a common weakness in software security.

CVE-2016-4924

MEDIUM Year: 2016

CVSS v3 Score

5.5

Medium

CVSS v2 Score

1.7

Low

Weakness Type

CWE-275

View all →

Vulnerability Description

An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8

CVE-2013-4040

MEDIUM

CVSS:5.5(Medium)

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows...

CWE-2752013

CVE-2015-7889

MEDIUM

CVSS:5.5(Medium)

The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service ac...

CWE-2752015

CVE-2015-8223

MEDIUM

CVSS:5.5(Medium)

Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via...

CWE-2752015

CVE-2016-6715

MEDIUM

CVSS:5.5(Medium)

An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could allow a local ...

CWE-2752016

CVE-2016-6719

MEDIUM

CVSS:5.5(Medium)

An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a ...

CWE-2752016

CVE-2016-9869

MEDIUM

CVSS:5.5(Medium)

An issue was discovered in EMC ScaleIO versions before 2.0.1.1. Incorrect permissions on the SCINI driver may allow a low-privileged local attacker to modify the configuration and render the ScaleIO D...

CWE-2752016

CVE-2016-4924

Vulnerability Description

Related Vulnerabilities

CVE-2013-4040

CVE-2015-7889

CVE-2015-8223

CVE-2016-6715

CVE-2016-6719

CVE-2016-9869