Juniper Junos Space 17.1 R1

CPE Details

Juniper Junos Space 17.1 R1
juniper
junos_space
17.1
2018-01-29
16h54 +00:00
2021-04-15
13h49 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:juniper:junos_space:17.1:r1:*:*:*:*:*:*

Informations

Vendor

juniper

Product

junos_space

Version

17.1

Update

r1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-0016 2019-01-15 21h00 +00:00 A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.
6.5
Medium
CVE-2019-0017 2019-01-15 21h00 +00:00 The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.
8.8
High
CVE-2018-0011 2018-01-10 22h00 +00:00 A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.
5.4
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.