Juniper Junos Space < 13.3R1.8 Arbitrary Command Execution (JSA10626)

High Nessus Plugin ID 80194


The remote device is affected by a remote command execution vulnerability.


According to its self-reported version number, the remote Junos Space version is prior to 13.3R1.8. It is, therefore, affected by a remote command execution vulnerability that exists when the firewall is disabled. This could allow a remote attacker to execute arbitrary commands with root privileges.

Note that the firewall is enabled by default on Junos Space.


Upgrade to Junos Space 13.3R1.8 or later.

See Also

Plugin Details

Severity: High

ID: 80194

File Name: juniper_space_jsa10626.nasl

Version: 1.3

Type: local

Published: 2014/12/22

Modified: 2017/05/30

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:juniper:junos_space

Required KB Items: Host/local_checks_enabled, Host/Junos_Space/version, Host/Junos_Space/release

Patch Publication Date: 2014/05/14

Vulnerability Publication Date: 2014/05/14

Reference Information

CVE: CVE-2014-3412

BID: 67454

OSVDB: 106939