4 matches found
CVE-2013-5095
CVE-2013-5095 is a documented XSS vulnerability in the web-based interface of Juniper Junos Space prior to 13.1R1.6 (e.g., JA1500 and related deployments). The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The available sources confirm the affected ...
CVE-2013-5097
Juniper Junos Space before 13.1R1.6 (JA1500 and other contexts) exposes the list of user accounts and their MD5 password hashes due to improper access restriction, enabling remote authenticated users to obtain sensitive information via a dictionary attack. Affected are Junos Space deployments pri...
CVE-2013-3497
CVE-2013-3497 affects Juniper Junos Space prior to 12.3P2.8 (JA1500 and related deployments). The vulnerability exposes cleartext passwords in a configuration tab, enabling reading by physically proximate attackers who view the workstation screen. Exploitation details are not provided in the docu...
CVE-2013-5096
CVE-2013-5096 concerns Juniper Junos Space before 13.1R1.6. The issue is a flawed role-based access control implementation that allows remote authenticated users to modify device configurations by abusing the read-only privilege (PR 863804). The affected product is Junos Space (JA1500 appliance a...