PT-2018-8591 · Juniper Networks · Screenos
Published
2018-10-10
·
Updated
2019-10-09
·
CVE-2018-0059
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Juniper Networks ScreenOS versions prior to 6.3.0r26
Description:
A persistent cross-site scripting issue in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML, potentially stealing sensitive data and credentials from a web administration session. This could trick a subsequent administrative user into performing unintended administrative actions on the device.
Recommendations:
For versions prior to 6.3.0r26, update to version 6.3.0r26 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Screenos