CVE-2018-0047— Junos Space Security Director: XSS vulnerability in web administration
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-0047
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Junos Space Security Director: XSS vulnerability in web administration
Source: NVD (National Vulnerability Database)
Vulnerability Description
A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper Junos Space Security Director 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper Junos Space是美国瞻博网络(Juniper Networks)公司的一套网络管理解决方案。Security Director是其中的一个安全管理工具。 Junos Space Security Director 17.2R2之前版本中所使用的UI框架存在跨站脚本漏洞。远程攻击者可利用该漏洞注入恶意的脚本并可能窃取信息或以其他用户身份执行操作。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Juniper Networks | Junos Space Security Director | unspecified ~ 17.2R2 | - |
II. Public POCs for CVE-2018-0047
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-0047
请登录查看更多情报信息。
Same Patch Batch · Juniper Networks · 2018-10-10 · 21 CVEs total
| CVE-2018-0054 | QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames | |
| CVE-2018-0063 | Junos OS: Nexthop index allocation failed: private index space exhausted after incoming AR | |
| CVE-2018-0062 | Junos OS: Denial of Service in J-Web | |
| CVE-2018-0061 | Junos OS: Denial of service in telnetd | |
| CVE-2018-0060 | Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) | |
| CVE-2018-0059 | ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability | |
| CVE-2018-0058 | MX Series: In BBE configurations, receipt of a crafted IPv6 exception packet causes a Deni | |
| CVE-2018-0057 | Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in wi | |
| CVE-2018-0056 | MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interface | |
| CVE-2018-0055 | Junos OS: jdhcpd process crash during processing of specially crafted DHCPv6 message | |
| CVE-2018-0043 | Junos OS: RPD daemon crashes upon receipt of specific MPLS packet | |
| CVE-2018-0053 | vSRX Series: A local authentication vulnerability may lead to full control of a vSRX insta | |
| CVE-2018-0052 | Junos OS: Unauthenticated remote root access possible when RSH service is enabled | |
| CVE-2018-0051 | Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow d | |
| CVE-2018-0050 | Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD | |
| CVE-2018-0049 | Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel | |
| CVE-2018-0048 | Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (R | |
| CVE-2018-0046 | Junos Space: Reflected Cross-site Scripting vulnerability in OpenNMS | |
| CVE-2018-0045 | Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in | |
| CVE-2018-0044 | NFX Series: Insecure sshd configuration in Juniper Device Manager (JDM) and host OS |
IV. Related Vulnerabilities
Same vendor: Juniper Networks
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33784
JSI Virtual Lightweight Collector: Default password is not r
V. Comments for CVE-2018-0047
No comments yet