) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:juniper:junos_space:17.1:r1:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-0017 |
The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1. Published: January 15, 2019; 4:29:01 PM -0500 |
V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
| CVE-2019-0016 |
A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1. Published: January 15, 2019; 4:29:01 PM -0500 |
V3.0: 6.5 MEDIUM V2.0: 5.5 MEDIUM |
| CVE-2018-0011 |
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device. Published: January 10, 2018; 5:29:01 PM -0500 |
V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |