6.5
CVE-2019-0016
- EPSS 0.17%
- Published 15.01.2019 21:29:01
- Last modified 21.11.2024 04:16:03
- Source sirt@juniper.net
- Teams watchlist Login
- Open Login
A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.
Data is provided by the National Vulnerability Database (NVD)
Juniper ≫ Junos Space Version13.3 Updater1
Juniper ≫ Junos Space Version13.3 Updater2
Juniper ≫ Junos Space Version13.3 Updater3
Juniper ≫ Junos Space Version13.3 Updater4
Juniper ≫ Junos Space Version14.1 Update-
Juniper ≫ Junos Space Version14.1 Updater1
Juniper ≫ Junos Space Version14.1 Updater2
Juniper ≫ Junos Space Version14.1 Updater3
Juniper ≫ Junos Space Version15.1 Updater1
Juniper ≫ Junos Space Version15.1 Updater2
Juniper ≫ Junos Space Version15.1 Updater3
Juniper ≫ Junos Space Version15.1 Updater4
Juniper ≫ Junos Space Version15.2 Update-
Juniper ≫ Junos Space Version15.2 Updater1
Juniper ≫ Junos Space Version15.2 Updater2
Juniper ≫ Junos Space Version16.1 Update-
Juniper ≫ Junos Space Version16.1 Updater1
Juniper ≫ Junos Space Version16.1 Updater2
Juniper ≫ Junos Space Version16.1 Updater3
Juniper ≫ Junos Space Version17.1 Updater1
Juniper ≫ Junos Space Version17.2 Updater1.4
Juniper ≫ Junos Space Version18.1 Updater1
Juniper ≫ Junos Space Version18.2 Updater1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.385 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 5.5 | 8 | 4.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:P
|
| sirt@juniper.net | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|