CVE-2016-1265
Last modified
CVE-2016-1265 is a vulnerability of currently unknown severity. A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected.. EPSS estimates a 2.30% chance of exploitation in the next 30 days.
Description
A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. All versions of Juniper Networks Junos Space prior to 15.1R3 are affected.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos Space | <= 15.1r2 |
References
- https://kb.juniper.net/JSA10727Vendor Advisory
- https://kb.juniper.net/JSA10727Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-1265?
How severe is CVE-2016-1265?
How do I fix CVE-2016-1265?
Are you affected by CVE-2016-1265?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST