Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.106348
Kategorie:JunOS Local Security Checks
Titel:Junos Space Multiple Vulnerabilities
Zusammenfassung:Junos Space is prone to multiple vulnerabilities.
Beschreibung:Summary:
Junos Space is prone to multiple vulnerabilities.

Vulnerability Insight:
Junos Space is prone to multiple vulnerabilities:

- Insufficient authentication vulnerability in Junos Space may allow remote network based users with access to
Junos Space web interface to perform certain administrative tasks without authentication. (CVE-2016-4926)

- Insufficient validation of SSH keys in Junos Space may allow man-in-the-middle (MITM) type of attacks while a
Space device is communicating with managed devices. (CVE-2016-4927)

- Cross site request forgery vulnerability in Junos Space may allow remote attackers to perform certain
administrative actions on Junos Space. (CVE-2016-4928)

- Command injection vulnerability in Junos Space may allow unprivileged users to execute code as root user on
the device. (CVE-2016-4929)

- Cross site scripting vulnerability may allow remote attackers to steal sensitive information or perform certain
administrative actions on Junos Space. (CVE-2016-4930)

- XML entity injection vulnerability may allow unprivileged users to cause a denial of service condition.
(CVE-2016-4931)

Affected Software/OS:
This issue can affect any product or platform running Junos Space before
15.2R2.

Solution:
Update to version 15.2R2 or later.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-4926
BugTraq ID: 93540
http://www.securityfocus.com/bid/93540
Common Vulnerability Exposure (CVE) ID: CVE-2016-4927
Common Vulnerability Exposure (CVE) ID: CVE-2016-4928
Common Vulnerability Exposure (CVE) ID: CVE-2016-4929
Common Vulnerability Exposure (CVE) ID: CVE-2016-4930
Common Vulnerability Exposure (CVE) ID: CVE-2016-4931
CopyrightThis script is Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.