Title: Juniper Mobility System Software (MSSTM) web portal WebAAA cross-site scripting (XSS)
Advisory ID: SWRX-2012-004
Date published: Thursday, June 14, 2012
CVSS v2 base score: 5.0
Date of last update: Thursday, August 22, 2013
Vendors contacted: Juniper Networks, Inc.
Release mode: Coordinated
Discovered by: Craig Lambert, Dell SecureWorks
The Juniper Networks Mobility System Software is part of Juniper's Wireless LAN Services (WLS) software product set and is the operating system component of the Mobility System. According to the Mobility System Software configuration guide, the Mobility System Software runs all WLC switches and WLAs in a WLAN. This advisory focuses on the Juniper Mobility System Software web portal WebAAA, which "provides a simple and universal way to authenticate any user or device using a web browser. A common application of WebAAA is to control access for guests on your network."
A vulnerability exists in the WebAAA login function for versions prior to 7.6.3 and 7.7.1 due to insufficient input validation of arbitrary URL parameters. Successful exploitation may aid an attacker in retrieving session cookies, stealing recently submitted data, or launching further attacks.