CVE-2017-10612 HIGH

CVE-2017-10612: Junos Space: Persistent Cross site scripting in Junos Space

Vendor Juniper Networks
Product Junos Space
Published October 13, 2017
Last update September 17, 2024

CVSS base score

8.0/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

Key dates

02Disclosure timeline

October 13, 2017 CVE published
September 17, 2024 Record updated