ID

VAR-201703-0039


CVE

CVE-2016-4927


TITLE

Junos Space vulnerable to man-in-the-middle attacks

Trust: 0.8

sources: JVNDB: JVNDB-2016-008029

DESCRIPTION

Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) attacks while a Space device is communicating with managed devices.

Juniper Junos Space is prone to the following multiple security issues:
1. Cross-site scripting vulnerability
2. Cross-site request-forgery vulnerability
3. Authentication-bypass vulnerability
4. An XML external entity injection vulnerability
5. A command-injection vulnerability
6. A security-bypass vulnerability

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands in the context of the application, perform certain administrative actions, gain unauthorized access, bypass certain security restrictions or cause denial-of-service conditions.

Juniper Networks Junos Space is a set of network management solutions from Juniper Networks. The solution supports automated configuration, monitoring, and troubleshooting of devices and services throughout their lifecycle. A security vulnerability exists in Juniper Networks Junos Space versions prior to 15.2R2 where the program does not adequately validate SSH keys.

Trust: 1.98

sources: NVD: CVE-2016-4927 // JVNDB: JVNDB-2016-008029 // BID: 93540 // VULHUB: VHN-93746

AFFECTED PRODUCTS

vendor: juniper, model: junos space, scope: lte, version: 15.2

Trust: 1.0

vendor: juniper, model: junos space, scope: eq, version: 15.2

Trust: 0.9

vendor: juniper, model: junos space, scope: lt, version: 15.2r2

Trust: 0.8

vendor: juniper, model: junos space 15.2r1, scope: -, version: -

Trust: 0.3

vendor: juniper, model: junos space 15.2r2, scope: ne, version: -

Trust: 0.3

sources: BID: 93540 // JVNDB: JVNDB-2016-008029 // CNNVD: CNNVD-201610-462 // NVD: CVE-2016-4927

CVSS

SEVERITY

nvd@nist.gov: CVE-2016-4927
value: HIGH

Trust: 1.0

NVD: CVE-2016-4927
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201610-462
value: MEDIUM

Trust: 0.6

VULHUB: VHN-93746
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2016-4927
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93746
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2016-4927
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93746 // JVNDB: JVNDB-2016-008029 // CNNVD: CNNVD-201610-462 // NVD: CVE-2016-4927

PROBLEMTYPE DATA

problemtype: CWE-20

Trust: 1.9

sources: VULHUB: VHN-93746 // JVNDB: JVNDB-2016-008029 // NVD: CVE-2016-4927

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-462

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201610-462

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-008029

PATCH

title: JSA10760, url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760

Trust: 0.8

title: Juniper Junos Space Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64833

Trust: 0.6

sources: JVNDB: JVNDB-2016-008029 // CNNVD: CNNVD-201610-462

EXTERNAL IDS

db: NVD, id: CVE-2016-4927

Trust: 2.8

db: BID, id: 93540

Trust: 2.0

db: JUNIPER, id: JSA10760

Trust: 2.0

db: JVNDB, id: JVNDB-2016-008029

Trust: 0.8

db: CNNVD, id: CNNVD-201610-462

Trust: 0.7

db: VULHUB, id: VHN-93746

Trust: 0.1

sources: VULHUB: VHN-93746 // BID: 93540 // JVNDB: JVNDB-2016-008029 // CNNVD: CNNVD-201610-462 // NVD: CVE-2016-4927

REFERENCES

url:http://www.securityfocus.com/bid/93540

Trust: 1.7

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10760

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4927

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-4927

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:http://www.juniper.net/au/en/products-services/software/junos-platform/junos-space/

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10760&cat=sirt_1&actp=list

Trust: 0.3

url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10760

Trust: 0.1

sources: VULHUB: VHN-93746 // BID: 93540 // JVNDB: JVNDB-2016-008029 // CNNVD: CNNVD-201610-462 // NVD: CVE-2016-4927

CREDITS

The vendor reported the issue.

Trust: 0.3

sources: BID: 93540

SOURCES

db: VULHUB, id: VHN-93746
db: BID, id: 93540
db: JVNDB, id: JVNDB-2016-008029
db: CNNVD, id: CNNVD-201610-462
db: NVD, id: CVE-2016-4927

LAST UPDATE DATE

2024-11-23T22:07:37.807000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-93746, date: 2017-03-22T00:00:00
db: BID, id: 93540, date: 2016-10-26T02:07:00
db: JVNDB, id: JVNDB-2016-008029, date: 2017-04-17T00:00:00
db: CNNVD, id: CNNVD-201610-462, date: 2017-03-21T00:00:00
db: NVD, id: CVE-2016-4927, date: 2024-11-21T02:53:15.147

SOURCES RELEASE DATE

db: VULHUB, id: VHN-93746, date: 2017-03-20T00:00:00
db: BID, id: 93540, date: 2016-10-12T00:00:00
db: JVNDB, id: JVNDB-2016-008029, date: 2017-04-17T00:00:00
db: CNNVD, id: CNNVD-201610-462, date: 2016-10-18T00:00:00
db: NVD, id: CVE-2016-4927, date: 2017-03-20T20:59:00.203