CVE-2013-5096

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.

Published: Aug 16, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-5096
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
juniper / junos_space	11.1	11.1.x
juniper / junos_space	11.2	11.2.x
juniper / junos_space	11.3	11.3.x
juniper / junos_space	11.4	11.4.x
juniper / junos_space	12.1	12.1.x
juniper / junos_space	12.2	12.2.x
juniper / junos_space	12.3	12.3.x

http://kb.juniper.net/JSA10585
http://www.securityfocus.com/bid/61794
http://www.securitytracker.com/id/1028923

Vulnerability Database

CVE-2013-5096

Deep Security Visibility Without the Complexity