Cross-Site Request Forgery (CSRF) vulnerability in Juniper Junos Space A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors.
Improper Authentication vulnerability in Juniper Junos Space 15.1/15.2 Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication.