Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2018-0011
PUBLISHED
More InfoOfficial Page
Assigner-juniper
Assigner Org ID-8cbe9d5a-a066-4c94-8978-4b15efeae968
View Known Exploited Vulnerability (KEV) details
Published At-10 Jan, 2018 | 22:00
Updated At-17 Sep, 2024 | 04:14
Rejected At-
▼CVE Numbering Authority (CNA)
Junos Space: Reflected XSS vulnerability in Junos Space management interface

A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.

Affected Products
Vendor
Juniper Networks, Inc.Juniper Networks
Product
Junos Space
Versions
Affected
  • From All before 17.2R1 (custom)
Problem Types
TypeCWE IDDescription
textN/AXSS vulnerability
Metrics
VersionBase scoreBase severityVector
3.05.4MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The following software releases have been updated to resolve this specific issue: Junos Space 17.2R1 and all subsequent releases.

Configurations
Workarounds

Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators.

Exploits

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.juniper.net/JSA10838
x_refsource_CONFIRM
http://www.securitytracker.com/id/1040189
vdb-entry
x_refsource_SECTRACK
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.juniper.net/JSA10838
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id/1040189
vdb-entry
x_refsource_SECTRACK
x_transferred
Details not found