Back to search
CVE-2016-1261
Published: Oct 13, 2017
Modified: Sep 16, 2024
PUBLISHED
CVSS v3.0
7.1
HIGH
Description
J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS).
| Vendor | Product | Versions |
|---|---|---|
Juniper Networks | Junos OS | affected 12.1X44 prior to 12.1X44-D55affected 12.1X46 prior to 12.1X46-D45affected 12.1X47 prior to 12.1X47-D30affected 12.3 prior to 12.3R11affected 12.3X48 prior to 12.3X48-D30+7 more versions |
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
References
https://kb.juniper.net/JSA10723
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now