Vulnerability Description
A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. This issue affects Juniper Networks Junos Space versions prior to 18.2R1.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos Space | 18.1r1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105566Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041862Third Party AdvisoryVDB Entry
- https://github.com/OpenNMS/opennms/commit/8710463077c10034fcfa06556a98fb1a1a64fdPatchThird Party Advisory
- https://kb.juniper.net/JSA10880Vendor Advisory
- http://www.securityfocus.com/bid/105566Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041862Third Party AdvisoryVDB Entry
- https://github.com/OpenNMS/opennms/commit/8710463077c10034fcfa06556a98fb1a1a64fdPatchThird Party Advisory
- https://kb.juniper.net/JSA10880Vendor Advisory
FAQ
What is CVE-2018-0046?
CVE-2018-0046 is a vulnerability with a CVSS score of 8.8 (HIGH). A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrat...
How severe is CVE-2018-0046?
CVE-2018-0046 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-0046?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos Space.