CVE-2018-0010
MEDIUMJuniper Junos Space Security Director - Privilege Escalation via URL Reuse
Title source: llmDescription
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10840
Scores
CVSS v3
6.5
EPSS
0.0014
EPSS Percentile
34.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-269
Status
published
Products (7)
juniper/junos_space
13.3 r1 (2 CPE variants)
juniper/junos_space
14.1 r1 (3 CPE variants)
juniper/junos_space
15.1 r1 (4 CPE variants)
juniper/junos_space
15.2 r1 (2 CPE variants)
juniper/junos_space
16.1 r1 (3 CPE variants)
juniper/junos_space
17.1 r1
juniper/junos_space
17.2 r1
Published
Jan 10, 2018
Tracked Since
Feb 18, 2026