Juniper Networks Screenos vulnerabilities

CVE-2018-0059 [MEDIUM] CWE-79 CVE-2018-0059: A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allo A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases ar

CVE-2018-0014 [MEDIUM] ScreenOS: Etherleak vulnerability found on ScreenOS device ScreenOS: Etherleak vulnerability found on ScreenOS device Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.

CVE-2017-2336 [CRITICAL] CWE-79 CVE-2017-2336: A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScr A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker to effectively execute commands with the permissions o

CVE-2017-2337 [HIGH] CWE-79 CVE-2017-2337: A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetSc A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with

CVE-2017-2338 [HIGH] CWE-79 CVE-2017-2338: A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetSc A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with

CVE-2017-2339 [HIGH] CWE-79 CVE-2017-2339: A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetSc A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with

CVE-2017-2335 [HIGH] CWE-79 CVE-2017-2335: A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetSc A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with