CVE-2018-0047
8
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos Space Security Director | unspecified <= 17.2R2 | affected |
Weaknesses
- Persistent Cross-Site Scripting Vulnerability
Workarounds
Restrict access to the Junos Space Security Director dashboard to trusted users.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.