- EPSS 0.19%
- Published 16.08.2013 14:01:36
- Last modified 11.04.2025 00:51:21
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privile...
- EPSS 0.18%
- Published 16.08.2013 14:01:36
- Last modified 11.04.2025 00:51:21
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain s...
CVE-2013-5095
- EPSS 0.26%
- Published 16.08.2013 13:57:23
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors,...
CVE-2013-3497
- EPSS 0.08%
- Published 08.05.2013 23:55:01
- Last modified 11.04.2025 00:51:21
Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstati...