Description
An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.
CVSS breakdown
CVSS 3.0
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Juniper Networks / Junos Space17.1R1 without Patch-v1 – 17.1R1 without Patch-v1
- Juniper Networks / Junos Space16.1 releases prior to 16.1R3 – 16.1 releases prior to 16.1R3