PT-2017-7952 · Juniper Networks · Junos Space

Published: 2017-10-13 · Updated: 2019-10-09 · CVE-2016-1265

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos Space versions prior to 15.1R3

Description

A remote unauthenticated network-based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross-site request forgery (CSRF), default authentication credentials, information leak, and command injection attack vectors.

Recommendations

For versions prior to 15.1R3, update to version 15.1R3 or later to resolve the issue. As a temporary workaround, consider restricting access to Junos Space and changing default authentication credentials to minimize the risk of exploitation. Avoid using vulnerable API endpoints until the issue is resolved.

Fix

CSRF

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2016-1265

Affected Products

Junos Space