CVE-2017-10612

Summary

A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos Spaceversions prior to 17.1R1affected

Weaknesses

  • Persistent cross site scripting vulnerability

Workarounds

There are no viable workarounds for this issue. It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device from trusted, administrative networks or hosts.

ADP Enrichment

CVE Program Container

Additional References

References