Reflected Cross-Site Scripting Vulnerability in Juniper Networks Junos Space
CVE-2017-2307

6.1MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Junos Space
Vendor: CVE Published:; 30 May 2017

Summary

A reflected cross-site scripting vulnerability exists in the administrative interface of Juniper Networks Junos Space, which may allow remote attackers to execute arbitrary scripts in the context of a user's session. This security flaw can lead to the theft of sensitive information or unauthorized administrative actions within the Junos Space application. Users are advised to upgrade to versions that address this vulnerability to ensure the integrity of their systems.

Affected Version(s)

Junos Space versions prior to 16.1R1

References

http://www.securityfocus.com/bid/98749

vdb-entryx_refsource_BID

https://kb.juniper.net/JSA10770

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 30, 2017
Vulnerability Reserved
Dec 1, 2016