| Vulnerability Name: | CVE-2017-10622 (CCN-133402) | ||||||||||||
| Assigned: | 2017-10-11 | ||||||||||||
| Published: | 2017-10-11 | ||||||||||||
| Updated: | 2019-10-09 | ||||||||||||
| Summary: | An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher. | ||||||||||||
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-287 | ||||||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2017-10622 Source: BID Type: Third Party Advisory, VDB Entry 101258 Source: CCN Type: BID-101258 Juniper Junos Space CVE-2017-10622 Authentication Bypass Vulnerability Source: XF Type: UNKNOWN juniper-cve201710622-sec-bypass(133402) Source: CCN Type: Juniper Security Bulletin: JSA10824 Junos Space: Authentication bypass vulnerability (CVE-2017-10622) Source: CONFIRM Type: Vendor Advisory https://kb.juniper.net/JSA10824 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||