CVE-2018-0010

A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1.

Published: Jan 10, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-0010
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
juniper / junos_space	15.1-r1	15.1-r1.x
juniper / junos_space	17.1-r1	17.1-r1.x
juniper / junos_space	16.1-r1	16.1-r1.x
juniper / junos_space	16.1-r2	16.1-r2.x
juniper / junos_space	17.2-r1	17.2-r1.x
juniper / junos_space	13.3-r2	13.3-r2.x
juniper / junos_space	14.1-r2	14.1-r2.x
juniper / junos_space	14.1-r3	14.1-r3.x
juniper / junos_space	15.1-r2	15.1-r2.x
juniper / junos_space	15.1-r3	15.1-r3.x
juniper / junos_space	15.1-r4	15.1-r4.x
juniper / junos_space	15.2-r2	15.2-r2.x
juniper / junos_space	16.1-r3	16.1-r3.x
juniper / junos_space	15.2-r1	15.2-r1.x
juniper / junos_space	14.1-r1	14.1-r1.x
juniper / junos_space	13.3-r1	13.3-r1.x

https://kb.juniper.net/JSA10840

Vulnerability Database

289,599

CVE-2018-0010