Juniper Junos Space vulnerabilities
77 known vulnerabilities affecting juniper/junos_space.
Total CVEs
77
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL10HIGH16MEDIUM51
Vulnerabilities
Page 4 of 4
CVE-2014-6491HIGHCVSS 7.5≤ 15.12014-10-15
CVE-2014-6491 [HIGH] CVE-2014-6491: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows re
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500.
nvd
CVE-2014-6478MEDIUMCVSS 4.3≤ 15.12014-10-15
CVE-2014-6478 [MEDIUM] CVE-2014-6478: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
nvd
CVE-2014-6494MEDIUMCVSS 4.3≤ 15.12014-10-15
CVE-2014-6494 [MEDIUM] CVE-2014-6494: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496.
nvd
CVE-2014-6559MEDIUMCVSS 4.3≤ 15.12014-10-15
CVE-2014-6559 [MEDIUM] CVE-2014-6559: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
nvd
CVE-2014-6495MEDIUMCVSS 4.3≤ 15.12014-10-15
CVE-2014-6495 [MEDIUM] CVE-2014-6495: Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.
nvd
CVE-2014-6496MEDIUMCVSS 4.3≤ 15.12014-10-15
CVE-2014-6496 [MEDIUM] CVE-2014-6496: Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.
nvd
CVE-2014-3412CRITICALCVSS 10.0≤ 13.1v1.0+12 more2014-05-20
CVE-2014-3412 [CRITICAL] CVE-2014-3412: Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, all
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
nvd
CVE-2014-0429CRITICALCVSS 10.0fixed in 15.12014-04-16
CVE-2014-0429 [CRITICAL] CVE-2014-0429: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1;
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
nvd
CVE-2014-0456CRITICALCVSS 10.0fixed in 15.12014-04-16
CVE-2014-0456 [CRITICAL] CVE-2014-0456: Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows rem
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
nvd
CVE-2014-0457CRITICALCVSS 10.0fixed in 15.12014-04-16
CVE-2014-0457 [CRITICAL] CVE-2014-0457: Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
nvd
CVE-2014-2421CRITICALCVSS 10.0fixed in 15.12014-04-16
CVE-2014-2421 [CRITICAL] CVE-2014-2421: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Em
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
nvd
CVE-2014-0453MEDIUMCVSS 4.0fixed in 15.12014-04-16
CVE-2014-0453 [MEDIUM] CVE-2014-0453: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1;
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
nvd
CVE-2014-0460MEDIUMCVSS 5.8fixed in 15.12014-04-16
CVE-2014-0460 [MEDIUM] CVE-2014-0460: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1;
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.
nvd
CVE-2013-5096MEDIUMCVSS 4.0v11.1v11.2+5 more2013-08-16
CVE-2013-5096 [MEDIUM] CWE-264 CVE-2013-5096: Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
nvd
CVE-2013-5097MEDIUMCVSS 4.0v11.1v11.2+5 more2013-08-16
CVE-2013-5097 [MEDIUM] CWE-264 CVE-2013-5097: Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
nvd
CVE-2013-5095MEDIUMCVSS 4.3v11.1v11.2+5 more2013-08-16
CVE-2013-5095 [MEDIUM] CWE-79 CVE-2013-5095: Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13
Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.
nvd
CVE-2013-3497MEDIUMCVSS 4.7≤ 12.3v1.0+11 more2013-05-08
CVE-2013-3497 [MEDIUM] CWE-255 CVE-2013-3497: Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes
Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
nvd
← Previous4 / 4