CVE-2013-5096 — Juniper Junos Space vulnerability

CWE-2646 documents6 sources

Severity

4.0MEDIUMNVD

EPSS

0.2%

top 58.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Junos Space

Timeline

PublishedAug 16

Latest updateMay 17

Description

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDjuniper/junos_space7 versions+6

🔴Vulnerability Details

GHSA

GHSA-93wq-q2fx-rxh8: Juniper Junos Space before 13↗2022-05-17

▶

CVEList

CVE-2013-5096: Juniper Junos Space before 13↗2013-08-16

▶

📋Vendor Advisories

Juniper

CVE-2013-5096: Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, whi↗2013-08-16

▶

Red Hat

mysql: unspecified DoS vulnerability related to Server Privileges (CPU Jan 2013)↗2013-01-15

▶

💬Community

Bugzilla

CVE-2012-5096 mysql: unspecified DoS vulnerability related to Server Privileges (CPU Jan 2013)↗2013-01-16

▶