CVE-2016-1265 - OpenCVE

A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Junos Space

Configuration 1 [-]

cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://kb.juniper.net/JSA10727

History

Tue, 17 Sep 2024 02:30:00 +0000

Type	Values Removed	Values Added
Title	Junos Space: privilege escalation vulnerabilities in Junos Space	Junos Space: privilege escalation vulnerabilities in Junos Space

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2017-10-13T17:00:00Z

Updated: 2024-09-17T02:20:41.614Z

Reserved: 2015-12-30T00:00:00

Link: CVE-2016-1265

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-10-13T17:29:00.223

Modified: 2019-10-09T23:17:15.687

Link: CVE-2016-1265

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "all versions prior to 15.1R2"}]}], "datePublic": "2016-04-13T00:00:00", "descriptions": [{"lang": "en", "value": "A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Privilege escalation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-13T16:57:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10727"}], "title": "Junos Space: privilege escalation vulnerabilities in Junos Space", "workarounds": [{"lang": "en", "value": "Limit access to Junos Space from only trusted networks\nUse administrative jump boxes with no internet access and employ anti-scripting techniques.\nIn addition to the recommendations listed above, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the devices administrative interfaces only from trusted, administrative networks or hosts."}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2016-04-13T09:00", "ID": "CVE-2016-1265", "STATE": "PUBLIC", "TITLE": "Junos Space: privilege escalation vulnerabilities in Junos Space"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "", "version_value": "all versions prior to 15.1R2"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [], "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected."}]}, "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Privilege escalation"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA10727", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10727"}]}, "solution": "The following software releases have been updated to resolve this specific issue: Junos Space 15.1R3, 15.2R1, and all subsequent releases.", "work_around": [{"lang": "en", "value": "Limit access to Junos Space from only trusted networks\nUse administrative jump boxes with no internet access and employ anti-scripting techniques.\nIn addition to the recommendations listed above, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the devices administrative interfaces only from trusted, administrative networks or hosts."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:48:13.665Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA10727"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2016-1265", "datePublished": "2017-10-13T17:00:00Z", "dateReserved": "2015-12-30T00:00:00", "dateUpdated": "2024-09-17T02:20:41.614Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*", "matchCriteriaId": "98899B94-EB36-4314-8376-8FF0F0AFA448", "versionEndIncluding": "15.1r2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected."}, {"lang": "es", "value": "Un atacante remoto no autenticado en una red con acceso a Junos Space podr\u00eda ejecutar c\u00f3digo arbitrario en Junos Space u obtener acceso a dispositivos gestionados por Junos Space utilizando vectores de ataque de Cross-Site Request Forgery (CSRF), credenciales de autenticaci\u00f3n por defecto, fuga de informaci\u00f3n e inyecci\u00f3n de comandos. Todas las versiones de Juniper Networks Junos Space anteriores a a 15.1R3 se ven afectadas."}], "id": "CVE-2016-1265", "lastModified": "2019-10-09T23:17:15.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2017-10-13T17:29:00.223", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10727"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-255"}, {"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}