Vulnerabilities > Juniper > Paragon Active Assurance Control Center > 2.36

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-18	CVE-2022-22229	Cross-site Scripting vulnerability in Juniper Paragon Active Assurance Control Center An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability, a stored XSS (or persistent), in the Control Center Controller web pages of Juniper Networks Paragon Active Assurance (Formerly Netrounds) allows a high-privilege attacker with 'WRITE' permissions to store one or more malicious scripts that will infect any other authorized user's account when they accidentally trigger the malicious script(s) while managing the device. network low complexity juniper CWE-79	8.4
2021-04-22	CVE-2021-0232	Authentication Bypass by Spoofing vulnerability in multiple products An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registered Test Agent and access its configuration including associated inventory details. network high complexity juniper fedoraproject CWE-290	7.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.