CVE-2018-0011

Summary

A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos SpaceAll < 17.2R1affected

Weaknesses

  • XSS vulnerability

Workarounds

Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators.

ADP Enrichment

CVE Program Container

Additional References

References