Approved changes feed: RSS · Atom
cpe:2.3:a:juniper_networks:screenos:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Juniper Networks (75c1b4ad-b137-51c1-bf9a-3bc90c5e98be) |
|---|---|
| Product | Screenos (9fd15efb-7de6-5525-9163-b93b38ce18b6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-0059 |
vulnerable | 2026-06-03 14:37:48.266041 |
ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability
MEDIUM (5.4)
A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions prior to 6.3.0r26.
Published: 2018-10-10T18:00:00.000Z
Updated: 2024-09-16T18:24:49.920Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-0014 |
vulnerable | 2026-06-03 14:37:47.909381 |
ScreenOS: Etherleak vulnerability found on ScreenOS device
MEDIUM (4.3)
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.
Published: 2018-01-10T22:00:00.000Z
Updated: 2024-09-16T16:37:27.824Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2339 |
vulnerable | 2026-06-03 14:37:07.424059 |
ScreenOS: XSS vulnerability in ScreenOS Firewall
HIGH (8.4)
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Published: 2017-07-14T14:00:00.000Z
Updated: 2024-09-16T20:52:25.134Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2338 |
vulnerable | 2026-06-03 14:37:07.423121 |
ScreenOS: XSS vulnerability in ScreenOS Firewall
HIGH (8.4)
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Published: 2017-07-14T14:00:00.000Z
Updated: 2024-09-16T23:41:11.241Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2337 |
vulnerable | 2026-06-03 14:37:07.422255 |
ScreenOS: XSS vulnerability in ScreenOS Firewall
HIGH (8.4)
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Published: 2017-07-14T14:00:00.000Z
Updated: 2024-09-16T20:13:15.247Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2336 |
vulnerable | 2026-06-03 14:37:07.421340 |
ScreenOS: XSS vulnerability in ScreenOS Firewall
CRITICAL (9.6)
A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Published: 2017-07-14T14:00:00.000Z
Updated: 2024-09-16T17:38:40.445Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-2335 |
vulnerable | 2026-06-03 14:37:07.408666 |
ScreenOS: XSS vulnerability in ScreenOS Firewall
HIGH (8.4)
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Published: 2017-07-14T14:00:00.000Z
Updated: 2024-09-16T20:17:28.685Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.