CVE-2016-1261Cross-Site Request Forgery in Networks Junos OS

CWE-352Cross-Site Request Forgery2 documents2 sources
Severity
8.8HIGHNVD
EPSS
0.1%
top 64.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedOct 13
Latest updateMay 13

Description

J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDjuniper/junos12 versions+11
CVEListV5juniper_networks/junos_os12 versions+11

🔴Vulnerability Details

1
GHSA
GHSA-8rqf-6vv7-xmxj: J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS)2022-05-13
CVE-2016-1261 — Cross-Site Request Forgery | cvebase