8.8
CVE-2016-4928
- EPSS 0.19%
- Veröffentlicht 20.03.2017 20:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle sirt@juniper.net
- CVE-Watchlists
- Unerledigt
LoginCross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Juniper ≫ Junos Space Updater1 Version <= 15.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.371 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-352 Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.