Junos Space: Shared secrets stored in recoverable format and directly exposed through the UI
CVE-2021-0220

6.8MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Junos Space
Vendor: CVE Published:; 15 January 2021

Badges

👾 Exploit Exists

Summary

The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An attacker who is able to execute arbitrary code in the victim browser (for example via XSS) or access cached contents may be able to obtain a copy of credentials managed by Junos Space. The impact of a successful attack includes, but is not limited to, obtaining access to other servers connected to the Junos Space Management Platform. This issue affects Juniper Networks Junos Space versions prior to 20.3R1.

Affected Version(s)

Junos Space < 20.3R1

References

https://kb.juniper.net/JSA11110

x_refsource_CONFIRM

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

👾
Exploit known to exist
Aug 3, 2024
Vulnerability published
Jan 15, 2021
Vulnerability Reserved
Oct 27, 2020

Collectors

NVD DatabaseMitre Database

Credit

Juniper SIRT would like to acknowledge and thank Bruno Colella Garofalo for responsibly reporting this vulnerability.