Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.106348
Categoría:JunOS Local Security Checks
Título:Junos Space Multiple Vulnerabilities
Resumen:Junos Space is prone to multiple vulnerabilities.
Descripción:Summary:
Junos Space is prone to multiple vulnerabilities.

Vulnerability Insight:
Junos Space is prone to multiple vulnerabilities:

- Insufficient authentication vulnerability in Junos Space may allow remote network based users with access to
Junos Space web interface to perform certain administrative tasks without authentication. (CVE-2016-4926)

- Insufficient validation of SSH keys in Junos Space may allow man-in-the-middle (MITM) type of attacks while a
Space device is communicating with managed devices. (CVE-2016-4927)

- Cross site request forgery vulnerability in Junos Space may allow remote attackers to perform certain
administrative actions on Junos Space. (CVE-2016-4928)

- Command injection vulnerability in Junos Space may allow unprivileged users to execute code as root user on
the device. (CVE-2016-4929)

- Cross site scripting vulnerability may allow remote attackers to steal sensitive information or perform certain
administrative actions on Junos Space. (CVE-2016-4930)

- XML entity injection vulnerability may allow unprivileged users to cause a denial of service condition.
(CVE-2016-4931)

Affected Software/OS:
This issue can affect any product or platform running Junos Space before
15.2R2.

Solution:
Update to version 15.2R2 or later.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-4926
BugTraq ID: 93540
http://www.securityfocus.com/bid/93540
Common Vulnerability Exposure (CVE) ID: CVE-2016-4927
Common Vulnerability Exposure (CVE) ID: CVE-2016-4928
Common Vulnerability Exposure (CVE) ID: CVE-2016-4929
Common Vulnerability Exposure (CVE) ID: CVE-2016-4930
Common Vulnerability Exposure (CVE) ID: CVE-2016-4931
CopyrightThis script is Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.