Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-2341 (GCVE-0-2017-2341)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-16 18:48
VLAI?
EPSS
Title
Junos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment.
Summary
An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.
Severity ?
8.8 (High)
CWE
- insufficient authentication vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
14.1X53 prior to 14.1X53-D40
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038893"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10787"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "14.1X53 prior to 14.1X53-D40"
}
]
},
{
"platforms": [
"EX4600"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "15.1 prior to 15.1R5"
}
]
},
{
"platforms": [
"vSRX, SRX1500, SRX4100, SRX4200"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "15.1X49 prior to 15.1X49-D70"
}
]
},
{
"platforms": [
"EX4600, ACX5000 series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "16.1 prior to 16.1R2"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue does not affect Junos OS where FIPS mode is enabled."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "insufficient authentication vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-15T09:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"name": "1038893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038893"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10787"
}
],
"title": "Junos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment.",
"workarounds": [
{
"lang": "en",
"value": "Running Junos OS in FIPS mode eliminates this vulnerability."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2341",
"STATE": "PUBLIC",
"TITLE": "Junos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250",
"version_value": "14.1X53 prior to 14.1X53-D40"
},
{
"platform": "EX4600",
"version_value": "15.1 prior to 15.1R5"
},
{
"platform": "vSRX, SRX1500, SRX4100, SRX4200",
"version_value": "15.1X49 prior to 15.1X49-D70"
},
{
"platform": "EX4600, ACX5000 series",
"version_value": "16.1 prior to 16.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue does not affect Junos OS where FIPS mode is enabled."
}
],
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "insufficient authentication vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038893",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038893"
},
{
"name": "https://kb.juniper.net/JSA10787",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10787"
}
]
},
"solution": "The following software releases have been updated to resolve this specific issue: Junos OS 14.1X53-D40, 15.1R5, 15.1X49-D70, 16.1R2 and all subsequent releases.\n\nThis issue is being tracked as PR 1161762 and is visible on the Customer Support website.",
"work_around": [
{
"lang": "en",
"value": "Running Junos OS in FIPS mode eliminates this vulnerability."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2341",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:48:59.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2017-2341
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-2341",
"description": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.",
"id": "GSD-2017-2341"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-2341"
],
"details": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.",
"id": "GSD-2017-2341",
"modified": "2023-12-13T01:21:05.181855Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2341",
"STATE": "PUBLIC",
"TITLE": "Junos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250",
"version_value": "14.1X53 prior to 14.1X53-D40"
},
{
"platform": "EX4600",
"version_value": "15.1 prior to 15.1R5"
},
{
"platform": "vSRX, SRX1500, SRX4100, SRX4200",
"version_value": "15.1X49 prior to 15.1X49-D70"
},
{
"platform": "EX4600, ACX5000 series",
"version_value": "16.1 prior to 16.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "This issue does not affect Junos OS where FIPS mode is enabled."
}
],
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "insufficient authentication vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038893",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038893"
},
{
"name": "https://kb.juniper.net/JSA10787",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10787"
}
]
},
"solution": "The following software releases have been updated to resolve this specific issue: Junos OS 14.1X53-D40, 15.1R5, 15.1X49-D70, 16.1R2 and all subsequent releases.\n\nThis issue is being tracked as PR 1161762 and is visible on the Customer Support website.",
"work_around": [
{
"lang": "eng",
"value": "Running Junos OS in FIPS mode eliminates this vulnerability.\n"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:nfx250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:acx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2017-2341"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10787",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10787"
},
{
"name": "1038893",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038893"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
},
"lastModifiedDate": "2019-10-09T23:26Z",
"publishedDate": "2017-07-17T13:18Z"
}
}
}
CERTFR-2017-AVI-212
Vulnerability from certfr_avis - Published: 2017-07-12 - Updated: 2017-07-12
De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CTPView 7.1, 7.2 et 7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CTPOS 7.0, 7.1, 7.2 et 7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "ScreenOS versions ant\u00e9rieures \u00e0 6.3.0r24",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-9310",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9310"
},
{
"name": "CVE-2017-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2341"
},
{
"name": "CVE-2017-3135",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3135"
},
{
"name": "CVE-2017-2346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2346"
},
{
"name": "CVE-2016-7426",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7426"
},
{
"name": "CVE-2017-2347",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2347"
},
{
"name": "CVE-2017-2338",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2338"
},
{
"name": "CVE-2017-2348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2348"
},
{
"name": "CVE-2017-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3731"
},
{
"name": "CVE-2016-7433",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7433"
},
{
"name": "CVE-2016-7429",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7429"
},
{
"name": "CVE-2016-9311",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9311"
},
{
"name": "CVE-2015-8138",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
},
{
"name": "CVE-2016-7434",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7434"
},
{
"name": "CVE-2017-2336",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2336"
},
{
"name": "CVE-2017-2337",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2337"
},
{
"name": "CVE-2016-7427",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7427"
},
{
"name": "CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"name": "CVE-2017-10605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10605"
},
{
"name": "CVE-2017-2344",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2344"
},
{
"name": "CVE-2017-2345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2345"
},
{
"name": "CVE-2017-2343",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2343"
},
{
"name": "CVE-2017-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2339"
},
{
"name": "CVE-2016-7431",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
},
{
"name": "CVE-2016-7055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
},
{
"name": "CVE-2016-1887",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1887"
},
{
"name": "CVE-2016-9312",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9312"
},
{
"name": "CVE-2016-7428",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7428"
},
{
"name": "CVE-2016-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3074"
},
{
"name": "CVE-2017-2314",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2314"
},
{
"name": "CVE-2017-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2342"
},
{
"name": "CVE-2017-2335",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2335"
}
],
"initial_release_date": "2017-07-12T00:00:00",
"last_revision_date": "2017-07-12T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-212",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10797 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10797\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10794 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10794\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10789 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10789\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10800 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10800\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10793 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10793\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10791 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10791\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10775 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10775\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10795 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10795\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10790 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10790\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10779 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10779\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10787 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10787\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10799 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10799\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10796 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10796\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10792 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10792\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10798 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10798\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10782 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10782\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
FKIE_CVE-2017-2341
Vulnerability from fkie_nvd - Published: 2017-07-17 13:18 - Updated: 2025-04-20 01:37
Severity ?
8.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | http://www.securitytracker.com/id/1038893 | Third Party Advisory, VDB Entry | |
| sirt@juniper.net | https://kb.juniper.net/JSA10787 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038893 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10787 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53-d10 | |
| juniper | junos | 14.1x53-d15 | |
| juniper | junos | 14.1x53-d25 | |
| juniper | junos | 14.1x53-d26 | |
| juniper | junos | 14.1x53-d27 | |
| juniper | junos | 14.1x53-d30 | |
| juniper | junos | 14.1x53-d35 | |
| juniper | qfx5110 | - | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53-d10 | |
| juniper | junos | 14.1x53-d15 | |
| juniper | junos | 14.1x53-d25 | |
| juniper | junos | 14.1x53-d26 | |
| juniper | junos | 14.1x53-d27 | |
| juniper | junos | 14.1x53-d30 | |
| juniper | junos | 14.1x53-d35 | |
| juniper | qfx5200 | - | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53-d10 | |
| juniper | junos | 14.1x53-d15 | |
| juniper | junos | 14.1x53-d25 | |
| juniper | junos | 14.1x53-d26 | |
| juniper | junos | 14.1x53-d27 | |
| juniper | junos | 14.1x53-d30 | |
| juniper | junos | 14.1x53-d35 | |
| juniper | qfx10002 | - | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53-d10 | |
| juniper | junos | 14.1x53-d15 | |
| juniper | junos | 14.1x53-d25 | |
| juniper | junos | 14.1x53-d26 | |
| juniper | junos | 14.1x53-d27 | |
| juniper | junos | 14.1x53-d30 | |
| juniper | junos | 14.1x53-d35 | |
| juniper | qfx10008 | - | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53-d10 | |
| juniper | junos | 14.1x53-d15 | |
| juniper | junos | 14.1x53-d25 | |
| juniper | junos | 14.1x53-d26 | |
| juniper | junos | 14.1x53-d27 | |
| juniper | junos | 14.1x53-d30 | |
| juniper | junos | 14.1x53-d35 | |
| juniper | qfx10016 | - | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53-d10 | |
| juniper | junos | 14.1x53-d15 | |
| juniper | junos | 14.1x53-d25 | |
| juniper | junos | 14.1x53-d26 | |
| juniper | junos | 14.1x53-d27 | |
| juniper | junos | 14.1x53-d30 | |
| juniper | junos | 14.1x53-d35 | |
| juniper | ex4600 | - | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53-d10 | |
| juniper | junos | 14.1x53-d15 | |
| juniper | junos | 14.1x53-d25 | |
| juniper | junos | 14.1x53-d26 | |
| juniper | junos | 14.1x53-d27 | |
| juniper | junos | 14.1x53-d30 | |
| juniper | junos | 14.1x53-d35 | |
| juniper | nfx250 | - | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | junos | 15.1 | |
| juniper | ex4600 | - | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | vsrx | - | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | srx1500 | - | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | srx4100 | - | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | srx4200 | - | |
| juniper | junos | 16.1 | |
| juniper | junos | 16.1 | |
| juniper | ex4600 | - | |
| juniper | junos | 16.1 | |
| juniper | junos | 16.1 | |
| juniper | acx5000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*",
"matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*",
"matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*",
"matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:nfx250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB08A27-7777-4538-ADC4-9D2F89963C13",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*",
"matchCriteriaId": "83AB8877-3DC0-4B8C-B864-1BF18C368337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
"matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
"matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
"matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*",
"matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
"matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
"matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
"matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
"matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*",
"matchCriteriaId": "BD332D86-5DA7-49A4-98C3-E4D946832DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC40ABB-E364-46C9-A904-C0ED02806250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC40ABB-E364-46C9-A904-C0ED02806250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:acx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C398D8D-AD15-422C-90DE-2EAD9B9A7DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."
},
{
"lang": "es",
"value": "Una vulnerabilidad de autenticaci\u00f3n insuficiente en plataformas donde las instancias de Junos OS se ejecutan en un entorno virtualizado, puede permitir que los usuarios sin privilegios de la instancia de Junos OS alcanzar acceso al entorno operativo del host y, por lo tanto, escalar los privilegios. Las versiones afectadas son Juniper Networks Junos OS versi\u00f3n 14.1X53 anterior a 14.1X53-D40 en QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 y NFX250; versi\u00f3n 15.1 anterior a 15.1R5 en EX4600; versi\u00f3n 15.1X49 anterior a 15.1X49-D70 en vSRX, SRX1500, SRX4100, SRX4200; versi\u00f3n 16.1 anterior a 16.1R2 en la serie EX4600, ACX5000. Este problema no afecta a vMX. Ning\u00fan otro producto o plataforma de Juniper Networks est\u00e1 afectada por este problema."
}
],
"id": "CVE-2017-2341",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-17T13:18:24.237",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038893"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10787"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2017-23949
Vulnerability from cnvd - Published: 2017-08-31
VLAI Severity ?
Title
多款Juniper产品Junos OS权限提升漏洞
Description
Juniper QFX5110 series等都是美国瞻博网络(Juniper Networks)公司的产品。QFX5110 series是一系列以太网交换机;Juniper vSRX series是一系列防火墙模拟器产品;SRX1500 series是一系列防火墙设备。Junos OS是其中的一套操作系统。
多款Juniper产品中的Junos OS 14.1X53版本,15.1版本,15.1X49版本和16.1版本中存在安全漏洞,该漏洞源于程序没有充分的执行身份验证。攻击者可利用该漏洞获取主机操作环境的访问权限,并提升权限。
Severity
高
Patch Name
多款Juniper产品Junos OS权限提升漏洞的补丁
Patch Description
Juniper QFX5110 series等都是美国瞻博网络(Juniper Networks)公司的产品。QFX5110 series是一系列以太网交换机;Juniper vSRX series是一系列防火墙模拟器产品;SRX1500 series是一系列防火墙设备。Junos OS是其中的一套操作系统。
多款Juniper产品中的Junos OS 14.1X53版本,15.1版本,15.1X49版本和16.1版本中存在安全漏洞,该漏洞源于程序未能充分的执行身份验证。攻击者可利用该漏洞获取主机操作环境的访问权限,并提升权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10787
Reference
http://securitytracker.com/id/1038893
Impacted products
| Name | ['Juniper Networks Junos OS 15.1', 'Juniper Networks Junos OS 16.1', 'Juniper Networks Junos OS 14.1X53', 'Juniper Networks Junos OS 15.1X49', 'Juniper Networks Junos OS vSRX', 'Juniper Networks Junos OS SRX1500', 'Juniper Networks Junos OS SRX4100', 'Juniper Networks Junos OS SRX4200', 'Juniper Networks Junos OS QFX5110', 'Juniper Networks Junos OS QFX5200', 'Juniper Networks Junos OS QFX10002', 'Juniper Networks Junos OS QFX10008', 'Juniper Networks Junos OS QFX10016', 'Juniper Networks Junos OS ACX5000', 'Juniper Networks Junos OS EX4600', 'Juniper Networks Junos OS NFX250 devices'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-2341"
}
},
"description": "Juniper QFX5110 series\u7b49\u90fd\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002QFX5110 series\u662f\u4e00\u7cfb\u5217\u4ee5\u592a\u7f51\u4ea4\u6362\u673a\uff1bJuniper vSRX series\u662f\u4e00\u7cfb\u5217\u9632\u706b\u5899\u6a21\u62df\u5668\u4ea7\u54c1\uff1bSRX1500 series\u662f\u4e00\u7cfb\u5217\u9632\u706b\u5899\u8bbe\u5907\u3002Junos OS\u662f\u5176\u4e2d\u7684\u4e00\u5957\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eJuniper\u4ea7\u54c1\u4e2d\u7684Junos OS 14.1X53\u7248\u672c\uff0c15.1\u7248\u672c\uff0c15.1X49\u7248\u672c\u548c16.1\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u5145\u5206\u7684\u6267\u884c\u8eab\u4efd\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u4e3b\u673a\u64cd\u4f5c\u73af\u5883\u7684\u8bbf\u95ee\u6743\u9650\uff0c\u5e76\u63d0\u5347\u6743\u9650\u3002",
"discovererName": "Juniper Networks",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10787",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-23949",
"openTime": "2017-08-31",
"patchDescription": "Juniper QFX5110 series\u7b49\u90fd\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002QFX5110 series\u662f\u4e00\u7cfb\u5217\u4ee5\u592a\u7f51\u4ea4\u6362\u673a\uff1bJuniper vSRX series\u662f\u4e00\u7cfb\u5217\u9632\u706b\u5899\u6a21\u62df\u5668\u4ea7\u54c1\uff1bSRX1500 series\u662f\u4e00\u7cfb\u5217\u9632\u706b\u5899\u8bbe\u5907\u3002Junos OS\u662f\u5176\u4e2d\u7684\u4e00\u5957\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\n\u591a\u6b3eJuniper\u4ea7\u54c1\u4e2d\u7684Junos OS 14.1X53\u7248\u672c\uff0c15.1\u7248\u672c\uff0c15.1X49\u7248\u672c\u548c16.1\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u6267\u884c\u8eab\u4efd\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u4e3b\u673a\u64cd\u4f5c\u73af\u5883\u7684\u8bbf\u95ee\u6743\u9650\uff0c\u5e76\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eJuniper\u4ea7\u54c1Junos OS\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Juniper Networks Junos OS 15.1",
"Juniper Networks Junos OS 16.1",
"Juniper Networks Junos OS 14.1X53",
"Juniper Networks Junos OS 15.1X49",
"Juniper Networks Junos OS vSRX",
"Juniper Networks Junos OS SRX1500",
"Juniper Networks Junos OS SRX4100",
"Juniper Networks Junos OS SRX4200",
"Juniper Networks Junos OS QFX5110",
"Juniper Networks Junos OS QFX5200",
"Juniper Networks Junos OS QFX10002",
"Juniper Networks Junos OS QFX10008",
"Juniper Networks Junos OS QFX10016",
"Juniper Networks Junos OS ACX5000",
"Juniper Networks Junos OS EX4600",
"Juniper Networks Junos OS NFX250 devices"
]
},
"referenceLink": "http://securitytracker.com/id/1038893",
"serverity": "\u9ad8",
"submitTime": "2017-07-20",
"title": "\u591a\u6b3eJuniper\u4ea7\u54c1Junos OS\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}
GHSA-RHPC-M5P5-7379
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI?
Details
An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.
Severity ?
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2017-2341"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-07-17T13:18:00Z",
"severity": "HIGH"
},
"details": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.",
"id": "GHSA-rhpc-m5p5-7379",
"modified": "2022-05-13T01:36:58Z",
"published": "2022-05-13T01:36:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2341"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10787"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038893"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…