8.6

CVE-2017-2317

EPSS 0.46%
Veröffentlicht 24.04.2017 15:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle sirt@juniper.net
CVE-Watchlists
Login
Unerledigt
Login

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause denials of services to underlying database tables leading to potential information disclosure, modification of system states, and partial to full denial of services relying upon data modified by an attacker.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Northstar Controller Version <= 2.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.46%	0.611

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.6	3.9	4.7	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://kb.juniper.net/JSA10783

Vendor Advisory

Mitigation

http://www.securityfocus.com/bid/97652

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-2317

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-2317

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-2317

EUVD