CVE-2018-0010

Опубликовано: 10 янв. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1.

Ссылки

https://kb.juniper.net/JSA10840
Patch
Vendor Advisory
https://kb.juniper.net/JSA10840
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:juniper:junos_space:13.3:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:13.3:r2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:14.1:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:14.1:r2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:14.1:r3:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:15.1:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:15.1:r2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:15.1:r3:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:15.1:r4:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:15.2:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:15.2:r2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:16.1:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:16.1:r2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:16.1:r3:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:17.1:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos_space:17.2:r1:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00144

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-mqj9-7x6g-mr5p