Vulnerabilities > Juniper > Junos Space > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-04-05 CVE-2014-3413 Use of Hard-coded Credentials vulnerability in Juniper Junos Space 13.3
The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access.
network
low complexity
juniper CWE-798
critical
 10.0
10
2017-10-13 CVE-2017-10622 Improper Authentication vulnerability in Juniper Junos Space 16.1/17.1
An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user.
network
low complexity
juniper CWE-287
critical
 10.0
10
2017-03-20 CVE-2016-4929 Command Injection vulnerability in Juniper Junos Space 15.1/15.2
Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user.
network
low complexity
juniper CWE-77
critical
 9.0
9.0
2014-05-20 CVE-2014-3412 Remote Code Execution vulnerability in Juniper products
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
network
low complexity
juniper
critical
 10.0
10
2014-04-16 CVE-2014-2421 Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
network
low complexity
canonical oracle juniper debian ibm
critical
 10.0
10
2014-04-16 CVE-2014-0456 Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
network
low complexity
canonical oracle juniper debian ibm
critical
 10.0
10
2014-04-16 CVE-2014-0457 Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
network
low complexity
oracle canonical juniper debian ibm
critical
 10.0
10
2014-04-16 CVE-2014-0429 Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
network
low complexity
canonical oracle juniper debian ibm
critical
 10.0
10