exploitDog

CVE-2016-1265

Опубликовано: 13 окт. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected.

Ссылки

https://kb.juniper.net/JSA10727
Vendor Advisory
https://kb.juniper.net/JSA10727
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*

Версия до 15.1r2 (включая)

EPSS

Процентиль: 77%

0.00996

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-g7g3-mqm9-m86m

CVSS3: 9.8

github

больше 3 лет назад

A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected.

EPSS

Процентиль: 77%

0.00996

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-200