CVE-2016-4931XML External Entity (XXE) Injection in Juniper Junos Space

CWE-611XML External Entity (XXE) Injection4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 49.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Junos Space
Timeline
PublishedMar 20
Latest updateMay 17

Description

XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-g4hq-749c-p7fv: XML entity injection in Junos Space before 152022-05-17
CVEList
CVE-2016-4931: XML entity injection in Junos Space before 152017-03-20

📋Vendor Advisories

1
Juniper
CVE-2016-4931: XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.2017-03-20
CVE-2016-4931 — XML External Entity (XXE) Injection | cvebase