CVE-2018-0047: Junos Space Security Director: XSS vulnerability in web administration

First published: Wed Oct 10 2018(Updated: )

A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2.

Credit: sirt@juniper.net

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/references
• agent/type
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/remedy
• agent/weakness
• agent/severity
• agent/author
• agent/title
• agent/description
• agent/first-publish-date
• agent/event
• agent/tags
• vendor/juniper
• canonical/juniper junos space
• version/juniper junos space/13.3-r1
• version/juniper junos space/13.3-r2
• version/juniper junos space/14.1-r1
• version/juniper junos space/14.1-r2
• version/juniper junos space/14.1-r3
• version/juniper junos space/15.1-r1
• version/juniper junos space/15.1-r2
• version/juniper junos space/15.1-r3
• version/juniper junos space/15.1-r4
• version/juniper junos space/15.2-r1
• version/juniper junos space/15.2-r2
• version/juniper junos space/16.1-r1
• version/juniper junos space/16.1-r2
• version/juniper junos space/16.1-r3
• version/juniper junos space/17.1-r1
• version/juniper junos space/17.2-r1