VYPR
Unrated severityNVD Advisory· Published Jan 15, 2019· Updated Sep 16, 2024

Junos Space: Authenticated user able to delete devices without delete device privileges

CVE-2019-0016

Description

A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.