CVE-2018-0046

Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS

CVSS 8.8 HIGHEPSS 1.6%

A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. This issue affects Juniper Networks Junos Space versions prior to 18.2R1.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Productos afectados

Juniper Networks · Junos Space

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/OpenNMS/opennms/commit/8710463077c10034fcfa06556a98fb1a1a64fd0d https://kb.juniper.net/JSA10880 http://www.securityfocus.com/bid/105566 http://www.securitytracker.com/id/1041862