← back
CVE-2017-10612

Junos Space: Persistent Cross site scripting in Junos Space

CVSS 8 HIGHEPSS 1.3%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Oct 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected products
Juniper Networks · Junos Space

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.juniper.net/JSA10826http://www.securityfocus.com/bid/101256