Junos Space Security Vulnerabilities and Issues — Junos Space CVE List

Lucene search

JuniperJunos Space

11 matches found

CVE•added 2014/04/16 1:55 a.m.•129 views

CVE-2014-0453

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

4CVSS5.2AI score0.01694EPSS

CVE•added 2015/07/16 10:59 a.m.•113 views

CVE-2015-2620

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.

4.3CVSS4.4AI score0.00534EPSS

CVE•added 2014/10/15 10:55 p.m.•105 views

CVE-2014-6494

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.

4.3CVSS6.4AI score0.01302EPSS

CVE•added 2014/10/15 10:55 p.m.•105 views

CVE-2014-6559

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.

4.3CVSS5.6AI score0.01015EPSS

CVE•added 2014/10/15 10:55 p.m.•100 views

CVE-2014-6496

4.3CVSS6.4AI score0.01302EPSS

CVE•added 2014/10/15 10:55 p.m.•89 views

CVE-2014-6495

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.

4.3CVSS6.3AI score0.00555EPSS

CVE•added 2014/10/15 3:55 p.m.•88 views

CVE-2014-6478

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.

4.3CVSS6.3AI score0.00407EPSS

CVE•added 2013/08/16 2:1 p.m.•47 views

CVE-2013-5097

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka...

4CVSS6AI score0.00176EPSS

CVE•added 2013/08/16 1:57 p.m.•46 views

CVE-2013-5095

Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2013/05/08 11:55 p.m.•44 views

CVE-2013-3497

Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.

4.7CVSS6.8AI score0.00077EPSS

CVE•added 2013/08/16 2:1 p.m.•41 views

CVE-2013-5096

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.

4CVSS6.4AI score0.00193EPSS