Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2021-0210 | First vendor Publication | 2021-01-15 |
Vendor | Cve | Last vendor Modification | 2021-02-05 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N | |||
---|---|---|---|
Overall CVSS Score | 6.8 | ||
Base Score | 6.8 | Environmental Score | 6.8 |
impact SubScore | 5.2 | Temporal Score | 6.8 |
Exploitabality Sub Score | 1.6 | ||
Attack Vector | Network | Attack Complexity | High |
Privileges Required | None | User Interaction | Required |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | None |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
An Information Exposure vulnerability in J-Web of Juniper Networks Junos OS allows an unauthenticated attacker to elevate their privileges over the target system through opportunistic use of an authenticated users session. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S17; 17.3 versions prior to 17.3R3-S10; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R2-S4, 18.3R3-S4; 18.4 versions prior to 18.4R2-S5, 18.4R3-S5; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S3; 19.2 versions prior to 19.2R1-S5, 19.2R3, 19.2R3-S1; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0210 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
Sources (Detail)
Source | Url |
---|---|
CONFIRM | https://kb.juniper.net/JSA11100 |
Alert History
Date | Informations |
---|---|
2021-06-24 12:38:53 |
|
2021-05-04 14:06:43 |
|
2021-04-22 03:11:37 |
|
2021-02-06 12:33:07 |
|
2021-01-22 21:23:24 |
|
2021-01-16 01:33:03 |
|
2021-01-16 01:32:50 |
|
2021-01-16 00:22:54 |
|
2021-01-15 21:23:27 |
|