CVE-2017-2321 Information

Description

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated unprivileged network-based attacker to cause various system services partial to full denials of services modification of system states and files and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors including man-in-the-middle attacks file injections and malicious execution of commands causing out of bound memory conditions leading to other attacks.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Reference

http://www.securityfocus.com/bid/97693 https://kb.juniper.net/JSA10783

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

HIGH

Base Severity

8.6