CVE-2018-0011 MEDIUM

CVE-2018-0011: Junos Space: Reflected XSS vulnerability in Junos Space management interface

Vendor Juniper Networks
Product Junos Space
Published January 10, 2018
Last update September 17, 2024

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.

Key dates

02Disclosure timeline

January 10, 2018 CVE published
September 17, 2024 Record updated