Vulnerabilities > Juniper > Screenos > 6.3.0

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-2339 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
low complexity
juniper CWE-79
5.4
2017-07-17 CVE-2017-2338 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
low complexity
juniper CWE-79
5.4
2017-07-17 CVE-2017-2337 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
low complexity
juniper CWE-79
5.4
2017-07-17 CVE-2017-2336 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator.
network
low complexity
juniper CWE-79
5.4
2017-07-17 CVE-2017-2335 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
low complexity
juniper CWE-79
5.4
2016-04-15 CVE-2016-1268 Improper Input Validation vulnerability in Juniper Screenos 6.3.0
The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet.
network
low complexity
juniper CWE-20
7.5
2016-01-08 CVE-2015-7754 Improper Input Validation vulnerability in Juniper Screenos 6.3.0
Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation.
network
high complexity
juniper CWE-20
8.1