CVE-2018-0047
Junos Space Security Director: XSS vulnerability in web administration
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2.
Una vulnerabilidad Cross-Site Scripting (XSS) persistente en el la interfaz del framework empleado por Junos Space Security Director podría permitir que usuarios autenticados inyecten scripts persistentes y maliciosos. Esto podría permitir el robo de información o la realización de acciones como otro usuario cuando otros acceden a la interfaz web de Security Director. Este problema afecta a todas las versiones de Juniper Networks Junos Space Security Director en versiones anteriores a la 17.2R2.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-16 CVE Reserved
- 2018-10-10 CVE Published
- 2024-08-19 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securitytracker.com/id/1041863 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://kb.juniper.net/JSA10881 | 2019-10-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 13.3 Search vendor "Juniper" for product "Junos Space" and version "13.3" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 13.3 Search vendor "Juniper" for product "Junos Space" and version "13.3" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 14.1 Search vendor "Juniper" for product "Junos Space" and version "14.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 14.1 Search vendor "Juniper" for product "Junos Space" and version "14.1" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 14.1 Search vendor "Juniper" for product "Junos Space" and version "14.1" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 15.1 Search vendor "Juniper" for product "Junos Space" and version "15.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 15.1 Search vendor "Juniper" for product "Junos Space" and version "15.1" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 15.1 Search vendor "Juniper" for product "Junos Space" and version "15.1" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 15.1 Search vendor "Juniper" for product "Junos Space" and version "15.1" | r4 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 15.2 Search vendor "Juniper" for product "Junos Space" and version "15.2" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 15.2 Search vendor "Juniper" for product "Junos Space" and version "15.2" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 16.1 Search vendor "Juniper" for product "Junos Space" and version "16.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 16.1 Search vendor "Juniper" for product "Junos Space" and version "16.1" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 16.1 Search vendor "Juniper" for product "Junos Space" and version "16.1" | r3 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 17.1 Search vendor "Juniper" for product "Junos Space" and version "17.1" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Space Search vendor "Juniper" for product "Junos Space" | 17.2 Search vendor "Juniper" for product "Junos Space" and version "17.2" | r1 |
Affected
|