Vulnerability CVE-2013-3497


Published: 2013-05-08   Modified: 2013-05-09

Description:
Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.

Type:

CWE-255

(Credentials Management)

CVSS2 => (AV:L/AC:M/Au:N/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.7/10
6.9/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None
Affected software
Juniper -> Junos space 
Juniper -> Junos space virtual appliance 
Juniper -> Junos space ja1500 appliance 

 References:
https://kb.juniper.net/KB27374
http://xforce.iss.net/xforce/xfdb/84109
http://www.securityfocus.com/bid/59760
http://osvdb.org/93112

Copyright 2024, cxsecurity.com

 

Back to Top