Description
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/61794
Vendor Advisory x_refsource_confirm
http://kb.juniper.net/JSA10585
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1028923
Scores
EPSS
0.0019
EPSS Percentile
40.9%
Details
CWE
CWE-264
Status
published
Products (9)
juniper/junos_space
11.1
juniper/junos_space
11.2
juniper/junos_space
11.3
juniper/junos_space
11.4
juniper/junos_space
12.1
juniper/junos_space
12.2
juniper/junos_space
12.3
juniper/junos_space_ja1500_appliance
juniper/junos_space_virtual_appliance
Published
Aug 16, 2013
Tracked Since
Feb 18, 2026