Overview
- Description
- An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.
- Source
- sirt@juniper.net
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos_space:17.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DFF54CC-E24F-42B4-B908-AECD1139146B"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos_space:16.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7481D0BF-0B4E-41E1-9DC7-0CBEE8375A1D"
},
{
"criteria": "cpe:2.3:o:juniper:junos_space:16.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "882C4D7A-293C-4587-84B1-822F63D53D2F"
},
{
"criteria": "cpe:2.3:o:juniper:junos_space:16.1:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A98BA3F-35BD-4C8D-80B4-B85C3B32F5AD"
}
],
"operator": "OR"
}
]
}
]