CVE-2017-10622

EPSS 21.51%
Published 13.10.2017 17:29:01
Last modified 20.04.2025 01:37:25
Source sirt@juniper.net
Teams watchlist Login
Open Login

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.

Affected products Warnungen 0 Metrics 4 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Space Version17.1 Updater1

Juniper ≫ Junos Space Version16.1

Juniper ≫ Junos Space Version16.1 Updater1

Juniper ≫ Junos Space Version16.1 Updater2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	21.51%	0.955

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
sirt@juniper.net	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securityfocus.com/bid/101258

Third Party Advisory

VDB Entry

https://kb.juniper.net/JSA10824

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-10622

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-10622

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-10622

EUVD