Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Juniper Subscribe
Filtered by product Junos Space
Total 50 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4931 1 Juniper 1 Junos Space 2017-03-22 4.0 MEDIUM 6.5 MEDIUM
XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.
CVE-2016-4930 1 Juniper 1 Junos Space 2017-03-22 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 allows remote attackers to steal sensitive information or perform certain administrative actions.
CVE-2016-4928 1 Juniper 1 Junos Space 2017-03-22 6.8 MEDIUM 8.8 HIGH
Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space.
CVE-2016-4927 1 Juniper 1 Junos Space 2017-03-22 6.8 MEDIUM 8.1 HIGH
Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) type of attacks while a Space device is communicating with managed devices.
CVE-2016-4926 1 Juniper 1 Junos Space 2017-03-22 7.5 HIGH 9.8 CRITICAL
Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication.
CVE-2016-4929 1 Juniper 1 Junos Space 2017-03-22 9.0 HIGH 8.8 HIGH
Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user.
CVE-2014-3412 1 Juniper 3 Junos Space, Junos Space Ja1500 Appliance, Junos Space Ja2500 Appliance 2014-05-21 10.0 HIGH N/A
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2013-5097 1 Juniper 3 Junos Space, Junos Space Ja1500 Appliance, Junos Space Virtual Appliance 2013-09-11 4.0 MEDIUM N/A
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
CVE-2013-5096 1 Juniper 3 Junos Space, Junos Space Ja1500 Appliance, Junos Space Virtual Appliance 2013-09-11 4.0 MEDIUM N/A
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
CVE-2013-5095 1 Juniper 3 Junos Space, Junos Space Ja1500 Appliance, Junos Space Virtual Appliance 2013-09-11 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.