CVE-2018-0046

CWE-79Cross-site Scripting (XSS)4 documents4 sources
Severity
6.1MEDIUM
EPSS
0.8%
top 26.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos SpaceJuniper Junos Space
Timeline
PublishedOct 10
Latest updateMay 13

Description

A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. This issue affects Juniper Networks Junos Space versions prior to 18.2R1.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5juniper_networks/junos_spaceunspecified18.2R1

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-vx6g-fghm-vx43: A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information o2022-05-13
CVEList
Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS2018-10-10

📋Vendor Advisories

1
Juniper
CVE-2018-0046: A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information o2018-10-10
CVE-2018-0046 (MEDIUM CVSS 6.1) | A reflected cross-site scripting vu | cvebase.io