Search criteria
15 vulnerabilities found for junos_space_ja1500_appliance by juniper
FKIE_CVE-2014-3412
Vulnerability from fkie_nvd - Published: 2014-05-20 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos_space | * | |
| juniper | junos_space | 1.0 | |
| juniper | junos_space | 1.1 | |
| juniper | junos_space | 1.2 | |
| juniper | junos_space | 1.3 | |
| juniper | junos_space | 1.4 | |
| juniper | junos_space | 2.0 | |
| juniper | junos_space | 11.1 | |
| juniper | junos_space | 11.2 | |
| juniper | junos_space | 11.3 | |
| juniper | junos_space | 11.4 | |
| juniper | junos_space | 12.1 | |
| juniper | junos_space | 12.2 | |
| juniper | junos_space | 12.3 | |
| juniper | junos_space_ja1500_appliance | - | |
| juniper | junos_space_ja2500_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:-:*:*:*:*:*:*",
"matchCriteriaId": "04CD63AF-B84F-4413-AFA4-7F6F23E0F555",
"versionEndIncluding": "13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "289CAAE5-882C-4236-BF76-B20F8A7F3014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA36F3E8-0F58-4635-843C-B3C62FD48682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA96869-72CF-49D2-94E1-4FF8102A29CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21DA6F2F-72F5-4D3A-AB4C-2C5D56C615FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CF9AF7-A335-4C05-9F45-08253A521D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87F7E9A7-CA85-4F4D-8F0C-DF0C79A80B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61A323AE-7C8D-49F3-BB47-15DEBAFC86BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEC058B-C096-455B-9A75-5191E00A367D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E79208-AF42-48D9-990C-E2E2E1DE8E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5E2C05-12C0-48B6-BE84-0A045B2A2B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167749D0-F3B8-48F3-BFC8-37A531E48C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C754E5-ACBB-45DE-B983-0888A8EB7CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "84E7CE7F-4410-461D-9381-B186789B6509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58939FC-742F-4A93-8977-6953B32E6817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja2500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D76C2611-F434-496C-8E30-4FA927223B81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Juniper Junos Space anterior a 13.3R1.8, cuando el firewall est\u00e1 deshabilitado, permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-3412",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-20T14:55:05.770",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/67454"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/67454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030254"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5097
Vulnerability from fkie_nvd - Published: 2013-08-16 14:01 - Updated: 2025-04-11 00:51
Severity ?
Summary
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos_space | 11.1 | |
| juniper | junos_space | 11.2 | |
| juniper | junos_space | 11.3 | |
| juniper | junos_space | 11.4 | |
| juniper | junos_space | 12.1 | |
| juniper | junos_space | 12.2 | |
| juniper | junos_space | 12.3 | |
| juniper | junos_space_virtual_appliance | - | |
| juniper | junos_space_ja1500_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61A323AE-7C8D-49F3-BB47-15DEBAFC86BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEC058B-C096-455B-9A75-5191E00A367D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E79208-AF42-48D9-990C-E2E2E1DE8E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5E2C05-12C0-48B6-BE84-0A045B2A2B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167749D0-F3B8-48F3-BFC8-37A531E48C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C754E5-ACBB-45DE-B983-0888A8EB7CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "84E7CE7F-4410-461D-9381-B186789B6509",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE8EA74-6BD3-461C-9D08-EF1024EC0E5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58939FC-742F-4A93-8977-6953B32E6817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462."
},
{
"lang": "es",
"value": "Juniper Junos Space anterior a v13.1R1.6, como es usado en JA1500 y en otros contextos, no aplica correctamente el acceso a la lista de cuentas de usuario y sus contrase\u00f1as codificadas en MD5, lo que hace que sea m\u00e1s f\u00e1cil para los usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de un ataque de diccionario, tambi\u00e9n conocido como PR 879462."
}
],
"id": "CVE-2013-5097",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-16T14:01:36.597",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1028923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028923"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5096
Vulnerability from fkie_nvd - Published: 2013-08-16 14:01 - Updated: 2025-04-11 00:51
Severity ?
Summary
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos_space | 11.1 | |
| juniper | junos_space | 11.2 | |
| juniper | junos_space | 11.3 | |
| juniper | junos_space | 11.4 | |
| juniper | junos_space | 12.1 | |
| juniper | junos_space | 12.2 | |
| juniper | junos_space | 12.3 | |
| juniper | junos_space_virtual_appliance | - | |
| juniper | junos_space_ja1500_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61A323AE-7C8D-49F3-BB47-15DEBAFC86BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEC058B-C096-455B-9A75-5191E00A367D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E79208-AF42-48D9-990C-E2E2E1DE8E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5E2C05-12C0-48B6-BE84-0A045B2A2B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167749D0-F3B8-48F3-BFC8-37A531E48C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C754E5-ACBB-45DE-B983-0888A8EB7CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "84E7CE7F-4410-461D-9381-B186789B6509",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE8EA74-6BD3-461C-9D08-EF1024EC0E5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58939FC-742F-4A93-8977-6953B32E6817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804."
},
{
"lang": "es",
"value": "Juniper Junos Space anterior a v13.1R1.6, como es usado en JA1500 y en otros contextos, no aplica correctamente el control de acceso basado en roles, lo que permite a usuarios remotos autenticados modificar la configuraci\u00f3n mediante el aprovechamiento del privilegio de s\u00f3lo lectura, tambi\u00e9n conocido como PR 863804."
}
],
"id": "CVE-2013-5096",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-16T14:01:36.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/61794"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1028923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028923"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5095
Vulnerability from fkie_nvd - Published: 2013-08-16 13:57 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos_space | 11.1 | |
| juniper | junos_space | 11.2 | |
| juniper | junos_space | 11.3 | |
| juniper | junos_space | 11.4 | |
| juniper | junos_space | 12.1 | |
| juniper | junos_space | 12.2 | |
| juniper | junos_space | 12.3 | |
| juniper | junos_space_virtual_appliance | - | |
| juniper | junos_space_ja1500_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61A323AE-7C8D-49F3-BB47-15DEBAFC86BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEC058B-C096-455B-9A75-5191E00A367D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E79208-AF42-48D9-990C-E2E2E1DE8E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5E2C05-12C0-48B6-BE84-0A045B2A2B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167749D0-F3B8-48F3-BFC8-37A531E48C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C754E5-ACBB-45DE-B983-0888A8EB7CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "84E7CE7F-4410-461D-9381-B186789B6509",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE8EA74-6BD3-461C-9D08-EF1024EC0E5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58939FC-742F-4A93-8977-6953B32E6817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469."
},
{
"lang": "es",
"value": "Vulnerabilidad Cross-site scripting (XSS) en el interfaz web en Juniper Junos Space anterior a v13.1R1.6, como es usado en JA1500 y en otros contextos, permite a atacantes remotos inyectar c\u00f3digo script o HTML a trav\u00e9s de vectores sin especificar, tambi\u00e9n conocido como PR 884469"
}
],
"id": "CVE-2013-5095",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-08-16T13:57:23.487",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1028923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028923"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3497
Vulnerability from fkie_nvd - Published: 2013-05-08 23:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos_space | * | |
| juniper | junos_space | 1.0 | |
| juniper | junos_space | 1.1 | |
| juniper | junos_space | 1.2 | |
| juniper | junos_space | 1.3 | |
| juniper | junos_space | 1.4 | |
| juniper | junos_space | 2.0 | |
| juniper | junos_space | 11.1 | |
| juniper | junos_space | 11.2 | |
| juniper | junos_space | 11.3 | |
| juniper | junos_space | 11.4 | |
| juniper | junos_space | 12.1 | |
| juniper | junos_space | 12.2 | |
| juniper | junos_space_virtual_appliance | - | |
| juniper | junos_space_ja1500_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB928408-42EF-4B91-BC4C-AE1507235B2B",
"versionEndIncluding": "12.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "289CAAE5-882C-4236-BF76-B20F8A7F3014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA36F3E8-0F58-4635-843C-B3C62FD48682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA96869-72CF-49D2-94E1-4FF8102A29CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21DA6F2F-72F5-4D3A-AB4C-2C5D56C615FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CF9AF7-A335-4C05-9F45-08253A521D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87F7E9A7-CA85-4F4D-8F0C-DF0C79A80B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61A323AE-7C8D-49F3-BB47-15DEBAFC86BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEC058B-C096-455B-9A75-5191E00A367D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E79208-AF42-48D9-990C-E2E2E1DE8E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5E2C05-12C0-48B6-BE84-0A045B2A2B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "167749D0-F3B8-48F3-BFC8-37A531E48C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:junos_space:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C754E5-ACBB-45DE-B983-0888A8EB7CD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE8EA74-6BD3-461C-9D08-EF1024EC0E5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58939FC-742F-4A93-8977-6953B32E6817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen."
},
{
"lang": "es",
"value": "Juniper Junos Space antes de v12.3P2.8, tal como se utiliza en el JA1500 y en otros contextos, incluye una contrase\u00f1a de texto en una pesta\u00f1a de configuraci\u00f3n, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes f\u00edsicamente pr\u00f3ximos a obtener la contrase\u00f1a mediante la lectura de la pantalla de estaci\u00f3n de trabajo."
}
],
"id": "CVE-2013-3497",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-08T23:55:01.083",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/93112"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/59760"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/KB27374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/93112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/59760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/KB27374"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-3412 (GCVE-0-2014-3412)
Vulnerability from cvelistv5 – Published: 2014-05-20 14:00 – Updated: 2024-08-06 10:43
VLAI?
Summary
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67454",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67454"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030254"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-20T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "67454",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67454"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030254"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67454",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67454"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030254"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3412",
"datePublished": "2014-05-20T14:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5096 (GCVE-0-2013-5096)
Vulnerability from cvelistv5 – Published: 2013-08-16 10:00 – Updated: 2024-08-06 16:59
VLAI?
Summary
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61794",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61794"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61794",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61794"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61794"
},
{
"name": "http://kb.juniper.net/JSA10585",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5096",
"datePublished": "2013-08-16T10:00:00",
"dateReserved": "2013-08-09T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5097 (GCVE-0-2013-5097)
Vulnerability from cvelistv5 – Published: 2013-08-16 10:00 – Updated: 2024-08-06 16:59
VLAI?
Summary
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/JSA10585",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5097",
"datePublished": "2013-08-16T10:00:00",
"dateReserved": "2013-08-09T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5095 (GCVE-0-2013-5095)
Vulnerability from cvelistv5 – Published: 2013-08-16 10:00 – Updated: 2024-08-06 16:59
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/JSA10585",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5095",
"datePublished": "2013-08-16T10:00:00",
"dateReserved": "2013-08-09T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3497 (GCVE-0-2013-3497)
Vulnerability from cvelistv5 – Published: 2013-05-08 23:00 – Updated: 2024-08-06 16:14
VLAI?
Summary
Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:54.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59760",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59760"
},
{
"name": "93112",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/93112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/KB27374"
},
{
"name": "juniper-cve20133497-info-disc(84109)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "59760",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59760"
},
{
"name": "93112",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/93112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/KB27374"
},
{
"name": "juniper-cve20133497-info-disc(84109)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59760",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59760"
},
{
"name": "93112",
"refsource": "OSVDB",
"url": "http://osvdb.org/93112"
},
{
"name": "https://kb.juniper.net/KB27374",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/KB27374"
},
{
"name": "juniper-cve20133497-info-disc(84109)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3497",
"datePublished": "2013-05-08T23:00:00",
"dateReserved": "2013-05-07T00:00:00",
"dateUpdated": "2024-08-06T16:14:54.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3412 (GCVE-0-2014-3412)
Vulnerability from nvd – Published: 2014-05-20 14:00 – Updated: 2024-08-06 10:43
VLAI?
Summary
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67454",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67454"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030254"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-20T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "67454",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67454"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030254"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67454",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67454"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030254"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3412",
"datePublished": "2014-05-20T14:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5096 (GCVE-0-2013-5096)
Vulnerability from nvd – Published: 2013-08-16 10:00 – Updated: 2024-08-06 16:59
VLAI?
Summary
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61794",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61794"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61794",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61794"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61794"
},
{
"name": "http://kb.juniper.net/JSA10585",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5096",
"datePublished": "2013-08-16T10:00:00",
"dateReserved": "2013-08-09T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5097 (GCVE-0-2013-5097)
Vulnerability from nvd – Published: 2013-08-16 10:00 – Updated: 2024-08-06 16:59
VLAI?
Summary
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/JSA10585",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5097",
"datePublished": "2013-08-16T10:00:00",
"dateReserved": "2013-08-09T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5095 (GCVE-0-2013-5095)
Vulnerability from nvd – Published: 2013-08-16 10:00 – Updated: 2024-08-06 16:59
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-12T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/JSA10585",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/JSA10585"
},
{
"name": "1028923",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5095",
"datePublished": "2013-08-16T10:00:00",
"dateReserved": "2013-08-09T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3497 (GCVE-0-2013-3497)
Vulnerability from nvd – Published: 2013-05-08 23:00 – Updated: 2024-08-06 16:14
VLAI?
Summary
Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:54.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59760",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59760"
},
{
"name": "93112",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/93112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/KB27374"
},
{
"name": "juniper-cve20133497-info-disc(84109)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "59760",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59760"
},
{
"name": "93112",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/93112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/KB27374"
},
{
"name": "juniper-cve20133497-info-disc(84109)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59760",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59760"
},
{
"name": "93112",
"refsource": "OSVDB",
"url": "http://osvdb.org/93112"
},
{
"name": "https://kb.juniper.net/KB27374",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/KB27374"
},
{
"name": "juniper-cve20133497-info-disc(84109)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84109"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3497",
"datePublished": "2013-05-08T23:00:00",
"dateReserved": "2013-05-07T00:00:00",
"dateUpdated": "2024-08-06T16:14:54.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}