CVE-2019-0017

The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
juniperCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
juniperjunos_space
13.3:r1
juniperjunos_space
13.3:r2
juniperjunos_space
13.3:r3
juniperjunos_space
13.3:r4
juniperjunos_space
14.1
juniperjunos_space
14.1:r1
juniperjunos_space
14.1:r2
juniperjunos_space
14.1:r3
juniperjunos_space
15.1:r1
juniperjunos_space
15.1:r2
juniperjunos_space
15.1:r3
juniperjunos_space
15.1:r4
juniperjunos_space
15.2
juniperjunos_space
15.2:r1
juniperjunos_space
15.2:r2
juniperjunos_space
16.1
juniperjunos_space
16.1:r1
juniperjunos_space
16.1:r2
juniperjunos_space
16.1:r3
juniperjunos_space
17.1:r1
juniperjunos_space
17.2:r1.4
juniperjunos_space
18.1:r1
juniperjunos_space
18.2:r1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.juniper.net/JSA10917
https://kb.juniper.net/JSA10917