CVE-2016-4928 — Cross-Site Request Forgery in Juniper Junos Space

CWE-352 — Cross-Site Request Forgery4 documents4 sources
Severity
8.8HIGHNVD
EPSS
0.2%
top 59.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Junos Space
Timeline
PublishedMar 20
Latest updateMay 17

Description

Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

â–¶NVDjuniper/junos_space15.2

🔴Vulnerability Details

2
GHSA
GHSA-c89w-rrq4-pqxj: Cross site request forgery vulnerability in Junos Space before 15↗2022-05-17
â–¶
CVEList
CVE-2016-4928: Cross site request forgery vulnerability in Junos Space before 15↗2017-03-20
â–¶

📋Vendor Advisories

1
Juniper
CVE-2016-4928: Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space↗2017-03-20
â–¶
CVE-2016-4928 — Cross-Site Request Forgery in Juniper | cvebase