CVE-2018-0047

Junos Space Security Director: XSS vulnerability in web administration

CVSS 8 HIGHEPSS 0.9%

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 8EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

10 out 2018Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2.

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Produtos afetados

Juniper Networks · Junos Space Security Director

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://kb.juniper.net/JSA10881 http://www.securitytracker.com/id/1041863