CVE-2017-10612

MEDIUM

Description

A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

References

http://www.securityfocus.com/bid/101256

https://kb.juniper.net/JSA10826

Details

Source: MITRE

Published: 2017-10-13

Updated: 2019-10-09

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 6

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 6.8

Severity: MEDIUM

CVSS v3.0

Base Score: 8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.1

Severity: HIGH