Search
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-0017 | 1 Juniper | 1 Junos Space | 2019-10-09 | 6.5 MEDIUM | 8.8 HIGH |
| The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1. | |||||
| CVE-2018-0012 | 1 Juniper | 1 Junos Space | 2019-10-09 | 7.2 HIGH | 7.8 HIGH |
| Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges. | |||||
| CVE-2017-10623 | 1 Juniper | 1 Junos Space | 2019-10-09 | 6.8 MEDIUM | 8.1 HIGH |
| Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operations between two nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1. | |||||
| CVE-2017-10624 | 1 Juniper | 1 Junos Space | 2019-10-09 | 5.1 MEDIUM | 7.5 HIGH |
| Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1. | |||||
| CVE-2017-10612 | 1 Juniper | 1 Junos Space | 2019-10-09 | 6.0 MEDIUM | 8.0 HIGH |
| A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1. | |||||
| CVE-2017-2305 | 1 Juniper | 1 Junos Space | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can create privileged users, allowing privilege escalation. | |||||
| CVE-2017-2306 | 1 Juniper | 1 Junos Space | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can execute code on the device. | |||||
| CVE-2016-4928 | 1 Juniper | 1 Junos Space | 2017-03-22 | 6.8 MEDIUM | 8.8 HIGH |
| Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space. | |||||
| CVE-2016-4927 | 1 Juniper | 1 Junos Space | 2017-03-22 | 6.8 MEDIUM | 8.1 HIGH |
| Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) type of attacks while a Space device is communicating with managed devices. | |||||
| CVE-2016-4929 | 1 Juniper | 1 Junos Space | 2017-03-22 | 9.0 HIGH | 8.8 HIGH |
| Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user. | |||||