Information disclosure in Juniper Junos Space
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-0220 |
| CWE-ID | CWE-257 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Juniper Junos Space Server applications / Remote management servers, RDP, SSH |
| Vendor | Juniper Networks, Inc. |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Storing passwords in a recoverable format
EUVDB-ID: #VU49541
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-0220
CWE-ID:
CWE-257 - Storing Passwords in a Recoverable Format
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to shared secrets are stored in recoverable format and directly exposed through the UI. A remote user can retrieve shared secrets from the system and recover them.Mitigation
Install updates from vendor's website.
Vulnerable software versionsJuniper Junos Space: before 20.3R1
CPE2.3 External linkshttps://kb.juniper.net/InfoCenter/index?page=content&id=JSA11110&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
