CVE-2022-22229 An XSS vulnerability in the Control Center Controller pages of Juniper Networks Paragon Active Assurance allows for persistent attacks.
This vulnerability can be exploited remotely by a low skill level attacker without much knowledge or experience in web development. An attacker can exploit this vulnerability by sending an account management request to the Control Center Controller (CC) to generate a new ActiveAssurance CC configuration file. If an authorized CC user inadvertently triggers an XSS attack from an external source such as a web page, an attacker can exploit this vulnerability. An attacker can exploit this vulnerability by sending an account management request to the CC to generate a new ActiveAssurance CC configuration file. If an authorized CC user inadvertently triggers an XSS attack from an external source such as a web page, an attacker can exploit this vulnerability. An attacker can exploit this vulnerability by sending an account management request to the CC to generate a new ActiveAssurance CC configuration file. If an authorized CC user inadvertently triggers an XSS attack from an external source such as a web page, an attacker can exploit this vulnerability. An attacker can exploit this vulnerability by sending an account management request to the CC to generate a new ActiveAssurance CC configuration file. If an authorized CC user inadvertently triggers an XSS attack from an external source such as a web page, an attacker can exploit this vulnerability
Vulnerable Package:
ActiveAssurance Control Center
The vulnerability resides in the ActiveAssurance Control Center (CC) application, version 3.2.0. The vulnerability can be exploited remotely by a low skill level attacker without much knowledge or experience in web development. An attacker can exploit this vulnerability by sending an account management request to the CC to generate a new ActiveAssurance CC configuration file. If an authorized CC user inadvertently triggers an XSS attack from an external source such as a web page, an attacker can exploit this vulnerability. An attacker can exploit this vulnerability by sending an account management request to the CC to generate a new ActiveAssurance CC configuration file. If an authorized CC user inadvertently triggers an XSS attack from an external source such as a web page, an attacker can exploit this vulnerability. An attacker can exploit this vulnerability by sending an account management request to the CC to generate a new ActiveAssurance CC configuration file. If an authorized CC user inadvertently triggers an XSS attack from an external source such as a web page,
An attacker can exploit this vulnerability by sending an account management request to the CC to generate a new ActiveAssurance CC configuration file
What is the Apache ActiveMQ?
The Apache ActiveMQ is a messaging platform that supports many protocols and transports. It is the default message broker in many open source Java applications, including Apache Camel.
Timeline
Published on: 10/18/2022 03:15:00 UTC