VYPR

Junos Space

by Juniper Networks

CVEs (77)

  • CVE-2025-59992Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Secure Console page that, when visited by another user, enables the attacker to execute commands…

  • CVE-2025-59991Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Management pages that, when visited by another user, enable the attacker to execute…

  • CVE-2025-59990Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the template creation pages that, when visited by another user, enable the attacker to execute…

  • CVE-2025-59989Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Discovery page that, when visited by another user, enables the attacker to execute…

  • CVE-2025-59988Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another user, enables the attacker to execute commands…

  • CVE-2025-59987Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the arbitrary device search field that, when visited by another user, enables the attacker to…

  • CVE-2025-59986Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the input fields in Model Devices that, when visited by another user, enables the attacker to…

  • CVE-2025-59985Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in a field on the Purging Policy page that, when visited by another user, enables the attacker to…

  • CVE-2025-59984Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in Global Search that, when visited by another user, enables the attacker to execute commands with the…

  • CVE-2025-59983Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Template Definition page, when visited by another user, enables the attacker to execute…

  • CVE-2025-59982Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the dashboard search field that, when visited by another user, enables the attacker to execute…

  • CVE-2025-59981Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to…

  • CVE-2025-59978Oct 9, 2025
    risk 0.00cvss epss 0.01

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to store script tags directly in web pages that, when viewed by another user, enable the attacker to execute commands with the…

  • CVE-2025-59976Oct 9, 2025
    risk 0.00cvss epss 0.00

    An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files…

  • CVE-2025-59975Oct 9, 2025
    risk 0.00cvss epss 0.00

    An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based attacker flooding the device with inbound API calls to consume all resources on the system, leading to a Denial of Service (DoS).…

  • CVE-2024-39563Oct 11, 2024
    risk 0.00cvss epss 0.01

    A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web…

  • CVE-2021-0220Jan 15, 2021
    risk 0.00cvss epss 0.01

    The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An attacker who is able to execute arbitrary code in the victim browser (for example via XSS) or access cached contents may be able to…

  • CVE-2020-1652Jul 17, 2020
    risk 0.00cvss epss 0.01

    OpenNMS is accessible via port 9443

  • CVE-2020-1611Jan 15, 2020
    risk 0.00cvss epss 0.02

    A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1.

  • CVE-2019-0016Jan 15, 2019
    risk 0.00cvss epss 0.01

    A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper…