CVE-2016-4926

CRITICAL

Juniper Junos Space < 15.2 - Authentication Bypass

Title source: rule

Description

Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/93540

[Vendor Advisory] https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760

Scores

CVSS v3 9.8

EPSS 0.0364

EPSS Percentile 87.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-287

Status draft

Affected Products (1)

juniper/junos_space < 15.2

Timeline

Published Mar 20, 2017

Tracked Since Feb 18, 2026