CVE-2009-3487 in Junos정보

요약

\~에 의해 MITRE

Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3) refresh-time, or (4) ifid parameter to scripter.php; (5) the revision parameter in a rollback action to the configuration program; the m[] parameter to the (6) monitor, (7) manage, (8) events, (9) configuration, or (10) alarms program; (11) the m[] parameter to the default URI; (12) the m[] parameter in a browse action to the default URI; (13) the wizard-next parameter in an https action to the configuration program; or the (14) Contact Information, (15) System Description, (16) Local Engine ID, (17) System Location, or (18) System Name Override SNMP parameter, related to the configuration program.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2009. 09. 30.

공개

2009. 09. 30.

모더레이션

수락

항목

VDB-50299

CPE

준비됨

CWE

CWE-79 (확인됨)

익스플로잇

다운로드

CVSS

3.5 (NVD)

EPSS

0.01248

KEV

아니요

활동

매우 낮음

부문

Chemical, Hospital, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2009-3487
NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-3487
CVE Details	https://www.cvedetails.com/cve/CVE-2009-3487/

◂ 이전 개요 다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!