Juniper Junos Space < 15.1R3 Multiple Vulnerabilities (JSA10727)

Critical Nessus Plugin ID 91890


The remote device is affected by multiple vulnerabilities.


According to its self-reported version number, the version of Junos Space running on the remote device is prior to 15.1R3. It is, therefore, affected by multiple unspecified vulnerabilities, including cross-site request forgery (XSRF), default authentication credentials, information disclosure, and command injection. An unauthenticated, remote attacker can exploit these to execute arbitrary code or gain access to devices managed by Junos Space.


Upgrade to Junos Space version 15.1R3 or later.

See Also

Plugin Details

Severity: Critical

ID: 91890

File Name: juniper_space_15_1R3.nasl

Version: $Revision: 1.2 $

Type: local

Published: 2016/06/29

Modified: 2016/07/01

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:juniper:junos_space

Required KB Items: Host/Junos_Space/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/04/13

Vulnerability Publication Date: 2016/04/13

Reference Information

CVE: CVE-2016-1265

OSVDB: 137062, 137064, 137065, 137066

JSA: JSA10727