Juniper Junos Space Virtual Appliance

CPE Details

Juniper Junos Space Virtual Appliance
juniper
junos_space_virtual_appliance
-
2013-05-09
10h38 +00:00
2013-05-14
21h24 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:juniper:junos_space_virtual_appliance:-:*:*:*:*:*:*:*

Informations

Vendor

juniper

Product

junos_space_virtual_appliance

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-5095 2013-08-16 08h00 +00:00 Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.
4.3
CVE-2013-5096 2013-08-16 08h00 +00:00 Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
4
CVE-2013-5097 2013-08-16 08h00 +00:00 Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
4
CVE-2013-3497 2013-05-08 21h00 +00:00 Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
4.7