Описание
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:juniper:junos_space:13.3:r1:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:13.3:r2:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:13.3:r4:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:14.1:r1:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:14.1:r2:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:14.1:r3:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:15.1:r1:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:15.1:r2:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:15.1:r3:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:15.2:r1:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:15.2:r2:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:16.1:r1:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:16.1:r2:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:16.1:r3:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:17.1:r1:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00171
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.
EPSS
Процентиль: 39%
0.00171
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79