Show plain JSON{"id": "CVE-2019-0017", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2019-01-15T21:29:01.493", "references": [{"url": "https://kb.juniper.net/JSA10917", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://kb.juniper.net/JSA10917", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1."}, {"lang": "es", "value": "La aplicaci\u00f3n de Junos Space, que permite que los archivos Device Image se suban, tiene una comprobaci\u00f3n de validez insuficiente, lo que podr\u00eda permitir la subida de im\u00e1genes o scripts, as\u00ed como otros tipos de contenido. Las distribuciones afectadas son: Junos Space en todas sus versiones anteriores a la 18.3R1."}], "lastModified": "2024-11-21T04:16:03.543", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:juniper:junos_space:13.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B610137-66AC-43D3-BBAE-4390011C20AC"}, {"criteria": "cpe:2.3:a:juniper:junos_space:13.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D81E5484-5C0D-44CB-90A8-65EE4E7D4F92"}, {"criteria": "cpe:2.3:a:juniper:junos_space:13.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EDD9296-6FB1-45E2-80EE-9F0F84CAFC94"}, {"criteria": "cpe:2.3:a:juniper:junos_space:13.3:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A53A9542-72FD-40E8-94F1-C7C0D776D726"}, {"criteria": "cpe:2.3:a:juniper:junos_space:14.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC29AA1D-4CBC-413A-9333-72F3616CE918"}, {"criteria": "cpe:2.3:a:juniper:junos_space:14.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00FCCF10-B612-46FC-94E6-70082F2E1091"}, {"criteria": "cpe:2.3:a:juniper:junos_space:14.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5F85CA0-36F3-48EE-8D35-A986412C91D9"}, {"criteria": "cpe:2.3:a:juniper:junos_space:14.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61813043-BAED-4803-9D5B-7B7E113D2FBD"}, {"criteria": "cpe:2.3:a:juniper:junos_space:15.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A3698B1-CC10-40D0-872C-417263C7A949"}, {"criteria": "cpe:2.3:a:juniper:junos_space:15.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A79F3A-80B9-4D98-92EE-681ED2E716B8"}, {"criteria": "cpe:2.3:a:juniper:junos_space:15.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD833CE8-F37B-4EEB-9DD3-E8A8BB121390"}, {"criteria": "cpe:2.3:a:juniper:junos_space:15.1:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E4B00D0-93F9-4145-BA91-6F4A66F19854"}, {"criteria": "cpe:2.3:a:juniper:junos_space:15.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74CB3FCB-192A-48A7-9FF3-3D228729AC60"}, {"criteria": "cpe:2.3:a:juniper:junos_space:15.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1107BD8-2F96-4788-A478-C0D7B9D22688"}, {"criteria": "cpe:2.3:a:juniper:junos_space:15.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "139FA36E-582D-41E9-AC4F-9BD49C844039"}, {"criteria": "cpe:2.3:a:juniper:junos_space:16.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EB54773-A54F-4D9E-B213-464421B4FA88"}, {"criteria": "cpe:2.3:a:juniper:junos_space:16.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC8CBF0A-310F-41EB-B377-F08FE03E3867"}, {"criteria": "cpe:2.3:a:juniper:junos_space:16.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62BB74B8-C90B-4CA1-B8CE-29F8D42D4B46"}, {"criteria": "cpe:2.3:a:juniper:junos_space:16.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44855E13-5493-4362-B7E8-5A1A6F299FFC"}, {"criteria": "cpe:2.3:a:juniper:junos_space:17.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "430F2EBF-09EB-4F48-ACF8-8B4EDF83E284"}, {"criteria": "cpe:2.3:a:juniper:junos_space:17.2:r1.4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE35151C-FCF6-4A89-8283-B24225019241"}, {"criteria": "cpe:2.3:a:juniper:junos_space:18.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7398A446-3A15-40C5-A76A-042D6FA9221C"}, {"criteria": "cpe:2.3:a:juniper:junos_space:18.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4337421-61DB-4469-868E-E8A04BE01B46"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}