3 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469...
CVE-2013-5096
CVE-2013-5096 concerns Juniper Junos Space before 13.1R1.6. The issue is a flawed role-based access control implementation that allows remote authenticated users to modify device configurations by abusing the read-only privilege (PR 863804). The affected product is Junos Space (JA1500 appliance a...
CVE-2013-5097
Juniper Junos Space before 13.1R1.6 (JA1500 and other contexts) exposes the list of user accounts and their MD5 password hashes due to improper access restriction, enabling remote authenticated users to obtain sensitive information via a dictionary attack. Affected are Junos Space deployments pri...