What is CVE-2021-0296?

CVE-2021-0296 is a high-severity vulnerability in Juniper Ctpview, classified under Cleartext Transmission of Sensitive Information. CVSS score: 7.4/10. Published 2021-10-19.

How severe is CVE-2021-0296?

High severity. CVSS v3 base score is 7.4 out of 10.

Vulnerability in Juniper Ctpview

CVE-2021-0296

The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header which allows servers to indicate that content from the requested domain will only be served over HTTPS. The lac…

EPSS: 0.005 (38.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Juniper Ctpview — versions 7.3, 9.1
Juniper Networks Ctpview — versions 7.3, 9.1

Weakness classification (CWE)

CWE-319 — Cleartext Transmission of Sensitive Information

References

sirt@juniper.net (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2021-0296?: CVE-2021-0296 is a high-severity vulnerability in Juniper Ctpview, classified under Cleartext Transmission of Sensitive Information. CVSS score: 7.4/10. Published 2021-10-19.
How severe is CVE-2021-0296?: High severity. CVSS v3 base score is 7.4 out of 10.