Published: 15/01/2021 Updated: 26/01/2021

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 6.8 | Impact Score: 4 | Exploitability Score: 2.3

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N

The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An attacker who is able to execute arbitrary code in the victim browser (for example via XSS) or access cached contents may be able to obtain a copy of credentials managed by Junos Space. The impact of a successful attack includes, but is not limited to, obtaining access to other servers connected to the Junos Space Management Platform. This issue affects Juniper Networks Junos Space versions before 20.3R1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos space 1.0
juniper junos space 1.1
juniper junos space 1.2
juniper junos space 1.3
juniper junos space 1.4
juniper junos space 2.0
juniper junos space 11.1
juniper junos space 11.2
juniper junos space 11.3
juniper junos space 11.4
juniper junos space 12.1
juniper junos space 12.2
juniper junos space 12.3
juniper junos space 13.1
juniper junos space 13.3
juniper junos space 14.1
juniper junos space 15.1
juniper junos space 15.2
juniper junos space 16.1
juniper junos space 17.1
juniper junos space 17.2
juniper junos space 18.1
juniper junos space 18.1r1
juniper junos space 18.2
juniper junos space 18.3
juniper junos space 18.4
juniper junos space 19.1
juniper junos space 19.2
juniper junos space 19.3
juniper junos space 19.4
juniper junos space 20.1

CWE-522 https://kb.juniper.net/JSA11110 https://nvd.nist.gov

CVE-2021-0220

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect