Rapid7 Vulnerability & Exploit Database

Juniper Junos OS: Cross-Site Scripting (XSS) in the JUNOS web management console allows unauthorized access. (JSA10406)


Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 03/01/2009
Created: 07/25/2018
Added: 05/07/2014
Modified: 05/07/2014

Description

A vulnerability related to DNS Cache Poisoning was recently disclosed (see Juniper Networks PSN-2008-06-040). In order to address this vulnerability, operating systems were modified to use random source ports for all DNS queries originated on the device. While deploying this modified code, it was discovered that Network Address Translation (NAT) counteracted the random selection of source ports. This results from NAT implementations that map the source port to a statically-defined port, sequentially-assigned port, or some other easily-predicted NAT port.
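
A defender-side check for the condition described above, as an added example that is not part of the advisory or of Juniper's code: it classifies the source ports of each resolver's DNS queries as they appear on the public side of the NAT device. The function names, thresholds and sample ports are assumptions constructed for illustration.

```python
"""Classify post-NAT DNS source ports (added example; thresholds are assumptions)."""
import statistics

MAX_STEP = 16      # assumed: increments this small count as sequential allocation
MIN_STDEV = 300.0  # assumed: spread below this means a narrow, guessable port range


def classify_ports(ports):
    """Return 'static', 'sequential', 'narrow-range' or 'randomized'.

    `ports` is the ordered list of source ports seen for one resolver's
    outbound DNS queries, captured after NAT translation.
    """
    if len(ports) < 5:
        raise ValueError("need at least 5 observed queries")
    # Statically-defined mapping: every query leaves from the same port.
    if len(set(ports)) == 1:
        return "static"
    # Sequentially-assigned mapping: nearly every step is a small increment.
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    small_steps = sum(1 for d in deltas if 0 < d <= MAX_STEP)
    if small_steps / len(deltas) >= 0.9:
        return "sequential"
    # One instance of "some other easily-predicted" mapping: a tiny port pool.
    if statistics.pstdev(ports) < MIN_STDEV:
        return "narrow-range"
    return "randomized"


def audit(observations):
    """Map each resolver address to the verdict for its observed ports."""
    return {resolver: classify_ports(p) for resolver, p in observations.items()}


# Constructed sample data (documentation addresses, invented port values).
SAMPLE = {
    "192.0.2.10": [32768] * 8,
    "192.0.2.11": [1024, 1025, 1026, 1027, 1029, 1030, 1031, 1032],
    "192.0.2.12": [2000, 2090, 2010, 2075, 2031, 2060, 2005, 2088],
    "192.0.2.13": [41873, 10322, 58211, 23017, 64990, 3391, 49102, 17754],
}

if __name__ == "__main__":
    for resolver, verdict in audit(SAMPLE).items():
        print(f"{resolver}: {verdict}")
```

Any verdict other than `randomized` means the NAT device is undoing the resolver's port randomization and its port mapping configuration needs review.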

Solution(s)

  • juniper-junos-os-upgrade-latest
