CVE-2017-10602 Information

Description

A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC EX3200 EX3300/VC EX4200 EX4300 EX4550/VC EX4600 EX6200 EX8200/VC (XRE) QFX3500 QFX3600 QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9 14.2R6; 15.1 versions prior to 15.1F5 15.1R3; 15.1X49 versions prior to 15.1X49-D40 on SRX Series; 15.1X53 versions prior to 15.1X53-D47 on NFX150 NFX250; 15.1X53 versions prior to 15.1X53-D65 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110 QFX5200.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/100323 http://www.securitytracker.com/id/1038900 https://kb.juniper.net/JSA10803

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8