CVE-2019-0016
Last modified
CVE-2019-0016 is a vulnerability of currently unknown severity. A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.. EPSS estimates a 0.93% chance of exploitation in the next 30 days.
Description
A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Juniper | Junos Space | 13.3 | R1 |
| Juniper | Junos Space | 14.1 | — |
| Juniper | Junos Space | 15.1 | R1 |
| Juniper | Junos Space | 15.2 | — |
| Juniper | Junos Space | 16.1 | — |
| Juniper | Junos Space | 17.1 | R1 |
| Juniper | Junos Space | 17.2 | R1.4 |
| Juniper | Junos Space | 18.1 | R1 |
| Juniper | Junos Space | 18.2 | R1 |
References
- https://kb.juniper.net/JSA10917Vendor Advisory
- https://kb.juniper.net/JSA10917Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-0016?
How severe is CVE-2019-0016?
How do I fix CVE-2019-0016?
Are you affected by CVE-2019-0016?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST