Vulnerability Description
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the configuration by leveraging the read-only privilege, aka PR 863804.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos Space | 11.1 |
| Juniper | Junos Space Virtual Appliance | - |
| Juniper | Junos Space Ja1500 Appliance | - |
Related Weaknesses (CWE)
References
- http://kb.juniper.net/JSA10585Vendor Advisory
- http://www.securityfocus.com/bid/61794
- http://www.securitytracker.com/id/1028923
- http://kb.juniper.net/JSA10585Vendor Advisory
- http://www.securityfocus.com/bid/61794
- http://www.securitytracker.com/id/1028923
FAQ
What is CVE-2013-5096?
CVE-2013-5096 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify the...
How severe is CVE-2013-5096?
CVE-2013-5096 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5096?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos Space, Juniper Junos Space Virtual Appliance, Juniper Junos Space Ja1500 Appliance.