CVE-2016-4926 — Improper Authentication in Juniper Junos Space

CWE-287 — Improper Authentication4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

3.6%

top 12.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Junos Space

Timeline

PublishedMar 20

Latest updateMay 17

Description

Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDjuniper/junos_space15.2

🔴Vulnerability Details

GHSA

GHSA-cg68-rv98-xxqj: Insufficient authentication vulnerability in Junos Space before 15↗2022-05-17

▶

CVEList

CVE-2016-4926: Insufficient authentication vulnerability in Junos Space before 15↗2017-03-20

▶

📋Vendor Advisories

Juniper

CVE-2016-4926: Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to p↗2017-03-20

▶