Sign-up

ID

VAR-201801-1083


CVE

CVE-2018-0013


TITLE

Juniper Networks Junos Space Network Management Platform Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2018-001372

DESCRIPTION

A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system. The platform enables automated configuration, monitoring and troubleshooting of devices and services throughout their lifecycle. An attacker could exploit this vulnerability to retrieve files from the system

Trust: 1.71

sources: NVD: CVE-2018-0013 // JVNDB: JVNDB-2018-001372 // VULHUB: VHN-118215

AFFECTED PRODUCTS

vendor:junipermodel:junos spacescope:eqversion: -

Trust: 1.6

vendor:junipermodel:junos spacescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2018-001372 // CNNVD: CNNVD-201801-357 // NVD: CVE-2018-0013

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0013
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2018-0013
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0013
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201801-357
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118215
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0013
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118215
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0013
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-118215 // JVNDB: JVNDB-2018-001372 // CNNVD: CNNVD-201801-357 // NVD: CVE-2018-0013 // NVD: CVE-2018-0013

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-118215 // JVNDB: JVNDB-2018-001372 // NVD: CVE-2018-0013

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201801-357

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201801-357

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-001372

PATCH
title:JSA10838url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10838&actp=METADATA
Trust: 0.8
title:Juniper Junos Space Network Management Platform Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77619
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-001372 // 
            
            
            
            CNNVD: CNNVD-201801-357

EXTERNAL IDS
db:NVDid:CVE-2018-0013
Trust: 2.5
db:JUNIPERid:JSA10838
Trust: 1.7
db:SECTRACKid:1040189
Trust: 1.7
db:JVNDBid:JVNDB-2018-001372
Trust: 0.8
db:CNNVDid:CNNVD-201801-357
Trust: 0.7
db:VULHUBid:VHN-118215
Trust: 0.1
sources:
            
            
            VULHUB: VHN-118215 // 
            
            
            
            JVNDB: JVNDB-2018-001372 // 
            
            
            
            CNNVD: CNNVD-201801-357 // 
            
            
            
            NVD: CVE-2018-0013

REFERENCES
url:https://kb.juniper.net/jsa10838
Trust: 1.7
url:http://www.securitytracker.com/id/1040189
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0013
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0013
Trust: 0.8
sources:
            
            
            VULHUB: VHN-118215 // 
            
            
            
            JVNDB: JVNDB-2018-001372 // 
            
            
            
            CNNVD: CNNVD-201801-357 // 
            
            
            
            NVD: CVE-2018-0013

SOURCES
db:VULHUBid:VHN-118215
db:JVNDBid:JVNDB-2018-001372
db:CNNVDid:CNNVD-201801-357
db:NVDid:CVE-2018-0013

LAST UPDATE DATE
2024-11-23T22:07:01.452000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-118215date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2018-001372date:2018-02-09T00:00:00
db:CNNVDid:CNNVD-201801-357date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0013date:2024-11-21T03:37:21.480

SOURCES RELEASE DATE
db:VULHUBid:VHN-118215date:2018-01-10T00:00:00
db:JVNDBid:JVNDB-2018-001372date:2018-02-09T00:00:00
db:CNNVDid:CNNVD-201801-357date:2018-01-11T00:00:00
db:NVDid:CVE-2018-0013date:2018-01-10T22:29:01.417