exploitDog

CVE-2017-10612

Опубликовано: 13 окт. 2017

Источник: nvd

CVSS3: 8

CVSS2: 6

EPSS Низкий

Описание

A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

Ссылки

http://www.securityfocus.com/bid/101256
Third Party Advisory
VDB Entry
https://kb.juniper.net/JSA10826
Vendor Advisory
http://www.securityfocus.com/bid/101256
Third Party Advisory
VDB Entry
https://kb.juniper.net/JSA10826
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*

Версия до 16.1r3 (включая)

EPSS

Процентиль: 60%

0.00391

Низкий

8 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-j8cv-m38f-wj28

CVSS3: 8

github

больше 3 лет назад

A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

EPSS

Процентиль: 60%

0.00391

Низкий

8 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-79