Описание
A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8 High
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2.
Уязвимость веб-интерфейса средства администрирования Juniper Networks Junos Space Security Director, вызванная недостаточной защитой структуры веб-страницы, позволяющая нарушителю раскрыть защищаемую информацию или выполнять действия от имени других пользователей
EPSS
8 High
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2