ID

VAR-201703-0038


CVE

CVE-2016-4926


TITLE

Junos Space Vulnerabilities that allow certain management tasks to be performed without authentication

Trust: 0.8

sources: JVNDB: JVNDB-2016-008028

DESCRIPTION

An insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network-based users with access to the Junos Space web interface to perform certain administrative tasks without authentication.

Juniper Junos Space is prone to the following multiple security issues:

1. Cross-site scripting vulnerability
2. Cross-site request-forgery vulnerability
3. Authentication-bypass vulnerability
4. An XML external entity injection vulnerability
5. A command-injection vulnerability
6. A security-bypass vulnerability

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands in the context of the application, perform certain administrative actions, gain unauthorized access, bypass certain security restrictions or cause denial-of-service conditions.

Junos Space is a set of network management solutions from Juniper Networks. The solution supports automated configuration, monitoring, and troubleshooting of devices and services throughout their lifecycle. A remote attacker could exploit this vulnerability to perform unauthorized operations.

Trust: 1.98

sources: NVD: CVE-2016-4926 // JVNDB: JVNDB-2016-008028 // BID: 93540 // VULHUB: VHN-93745

AFFECTED PRODUCTS

vendor: juniper, model: junos space, scope: lte, version: 15.2

Trust: 1.0

vendor: juniper, model: junos space, scope: eq, version: 15.2

Trust: 0.9

vendor: juniper, model: junos space, scope: lt, version: 15.2r2

Trust: 0.8

vendor: juniper, model: junos space 15.2r1, scope: -, version: -

Trust: 0.3

vendor: juniper, model: junos space 15.2r2, scope: ne, version: -

Trust: 0.3

sources: BID: 93540 // JVNDB: JVNDB-2016-008028 // CNNVD: CNNVD-201610-461 // NVD: CVE-2016-4926

CVSS

SEVERITY

nvd@nist.gov: CVE-2016-4926
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-4926
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201610-461
value: HIGH

Trust: 0.6

VULHUB: VHN-93745
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2016-4926
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93745
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2016-4926
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93745 // JVNDB: JVNDB-2016-008028 // CNNVD: CNNVD-201610-461 // NVD: CVE-2016-4926

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-93745 // JVNDB: JVNDB-2016-008028 // NVD: CVE-2016-4926

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-461

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201610-461

CONFIGURATIONS

[
  {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/a:juniper:junos_space"
          }
        ]
      }
    ]
  }
]

sources: JVNDB: JVNDB-2016-008028

PATCH

title: JSA10760, url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760

Trust: 0.8

title: Juniper Junos Space Fixes for authentication bypassing vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64832

Trust: 0.6

sources: JVNDB: JVNDB-2016-008028 // CNNVD: CNNVD-201610-461

EXTERNAL IDS

db: NVD, id: CVE-2016-4926

Trust: 2.8

db: BID, id: 93540

Trust: 2.0

db: JUNIPER, id: JSA10760

Trust: 2.0

db: JVNDB, id: JVNDB-2016-008028

Trust: 0.8

db: CNNVD, id: CNNVD-201610-461

Trust: 0.7

db: VULHUB, id: VHN-93745

Trust: 0.1

sources: VULHUB: VHN-93745 // BID: 93540 // JVNDB: JVNDB-2016-008028 // CNNVD: CNNVD-201610-461 // NVD: CVE-2016-4926

REFERENCES

url:http://www.securityfocus.com/bid/93540

Trust: 1.7

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10760

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4926

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-4926

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:http://www.juniper.net/au/en/products-services/software/junos-platform/junos-space/

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10760&cat=sirt_1&actp=list

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10760

Trust: 0.1

sources: VULHUB: VHN-93745 // BID: 93540 // JVNDB: JVNDB-2016-008028 // CNNVD: CNNVD-201610-461 // NVD: CVE-2016-4926

CREDITS

The vendor reported the issue.

Trust: 0.3

sources: BID: 93540

SOURCES

db: VULHUB, id: VHN-93745
db: BID, id: 93540
db: JVNDB, id: JVNDB-2016-008028
db: CNNVD, id: CNNVD-201610-461
db: NVD, id: CVE-2016-4926

LAST UPDATE DATE

2024-11-23T22:07:37.839000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-93745, date: 2017-03-22T00:00:00
db: BID, id: 93540, date: 2016-10-26T02:07:00
db: JVNDB, id: JVNDB-2016-008028, date: 2017-04-17T00:00:00
db: CNNVD, id: CNNVD-201610-461, date: 2017-03-21T00:00:00
db: NVD, id: CVE-2016-4926, date: 2024-11-21T02:53:15.030

SOURCES RELEASE DATE

db: VULHUB, id: VHN-93745, date: 2017-03-20T00:00:00
db: BID, id: 93540, date: 2016-10-12T00:00:00
db: JVNDB, id: JVNDB-2016-008028, date: 2017-04-17T00:00:00
db: CNNVD, id: CNNVD-201610-461, date: 2016-10-18T00:00:00
db: NVD, id: CVE-2016-4926, date: 2017-03-20T20:59:00.157