CVE-2016-4926

critical

Published 2017-03-20 · Modified 2026-05-13

CVSS v3

9.8

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2

7.5

VIR risk

9.8

Description

Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication.

Predictions

Exploit likelihood

97%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: sirt@juniper.net — https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760

References

http://www.securityfocus.com/bid/93540
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760
http://www.securityfocus.com/bid/93540
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760

CWEs

CWE-287

Verify integrity in audit chain (admin only). AS-IS.