CVE-2013-3497

Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.

Published: May 9, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-3497
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.7
AV:L/AC:M/Au:N/C:C/I:N/A:N

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
juniper / junos_space	-	12.3.x
juniper / junos_space	1.0	1.0.x
juniper / junos_space	1.1	1.1.x
juniper / junos_space	1.2	1.2.x
juniper / junos_space	1.3	1.3.x
juniper / junos_space	1.4	1.4.x
juniper / junos_space	2.0	2.0.x
juniper / junos_space	11.1	11.1.x
juniper / junos_space	11.2	11.2.x
juniper / junos_space	11.3	11.3.x
juniper / junos_space	11.4	11.4.x
juniper / junos_space	12.1	12.1.x
juniper / junos_space	12.2	12.2.x

http://osvdb.org/93112
http://www.securityfocus.com/bid/59760
https://exchange.xforce.ibmcloud.com/vulnerabilities/84109
https://kb.juniper.net/KB27374

Vulnerability Database

289,697

CVE-2013-3497