CVE-2018-0046

Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS

CVSS 8.8 HIGHEPSS 1.6%

A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. This issue affects Juniper Networks Junos Space versions prior to 18.2R1.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Produtos afetados

Juniper Networks · Junos Space

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/OpenNMS/opennms/commit/8710463077c10034fcfa06556a98fb1a1a64fd0d https://kb.juniper.net/JSA10880 http://www.securityfocus.com/bid/105566 http://www.securitytracker.com/id/1041862