CVE-2021-0220Storing Passwords in a Recoverable Format in Networks Junos Space

CWE-257Storing Passwords in a Recoverable FormatCWE-522Insufficiently Protected CredentialsCWE-20Improper Input Validation5 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
0.3%
top 48.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos SpaceJuniper Junos Space
Timeline
PublishedJan 15
Latest updateMay 24

Description

The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An attacker who is able to execute arbitrary code in the victim browser (for example via XSS) or access cached contents may be able to obtain a copy of credentials managed by Junos Space. The impact of a successful attack includes, but is not limited to, obtaining access to other servers connected to the Junos Space Management Platform. This issue affects

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:NExploitability: 2.3 | Impact: 4.0

Affected Packages2 packages

CVEListV5juniper_networks/junos_spaceunspecified20.3R1
NVDjuniper/junos_space31 versions+30

🔴Vulnerability Details

2
GHSA
GHSA-wvhm-q7jr-v337: The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI2022-05-24
CVEList
Junos Space: Shared secrets stored in recoverable format and directly exposed through the UI2021-01-15

📋Vendor Advisories

2
Red Hat
httpd: Unexpected URL matching with 'MergeSlashes OFF'2021-06-04
Juniper
CVE-2021-0220: The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An atta2021-01-15