Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2017-10622
PUBLISHED
More InfoOfficial Page
Assigner-juniper
Assigner Org ID-8cbe9d5a-a066-4c94-8978-4b15efeae968
View Known Exploited Vulnerability (KEV) details
Published At-13 Oct, 2017 | 17:00
Updated At-17 Sep, 2024 | 02:48
Rejected At-
▼CVE Numbering Authority (CNA)
Junos Space: Authentication bypass vulnerability

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.

Affected Products
Vendor
Juniper Networks, Inc.Juniper Networks
Product
Junos Space
Versions
Affected
  • 17.1R1 without Patch-v1
  • 16.1 releases prior to 16.1R3
Problem Types
TypeCWE IDDescription
textN/Aauthentication bypass
Metrics
VersionBase scoreBase severityVector
3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds

There are no viable workarounds for this issue. It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device from trusted, administrative networks or hosts.

Exploits
Credits
Ilias Polychroniadis of NeuroSoft S.A. (Redyops Team)
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.juniper.net/JSA10824
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101258
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.juniper.net/JSA10824
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/101258
vdb-entry
x_refsource_BID
x_transferred
Details not found