CVE-2014-3413
CRITICALJuniper Junos Space - Use of Hard-coded Credentials in MySQL Server
Title source: llmDescription
The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2014-01
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10627
Scores
CVSS v3
9.8
EPSS
0.0166
EPSS Percentile
82.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-798
Status
published
Products (1)
juniper/junos_space
13.3 r1.1 (7 CPE variants)
Published
Apr 05, 2018
Tracked Since
Feb 18, 2026