CVE-2016-1265

A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected.

Published: Oct 13, 2017
Updated: Apr 13, 2023
CVE: CVE-2016-1265
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-200
CWE-352
CWE-255

Affected Software
References

Software	From	Fixed in
juniper / junos_space	-	15.1r2.x

https://kb.juniper.net/JSA10727

Vulnerability Database

289,697

CVE-2016-1265