Junos Space: Persistent Cross site scripting in Junos Space
CVE-2017-10612

8HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Space
Vendor: CVE Published:; 13 October 2017

Summary

A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

Affected Version(s)

Junos Space versions prior to 17.1R1

References

https://kb.juniper.net/JSA10826

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101256

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2017
Vulnerability Reserved
Jun 28, 2017

Collectors

NVD DatabaseMitre Database