10

CVE-2017-2320

EPSS 0.49%
Veröffentlicht 24.04.2017 15:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle sirt@juniper.net
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials of services leading to targeted information disclosure, modification of any component of the NorthStar system, including managed systems, and full denial of services to any systems under management which NorthStar interacts with using read-only or read-write credentials.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Northstar Controller Version <= 2.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.49%	0.626

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	3.9	6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://kb.juniper.net/JSA10783

Vendor Advisory

Mitigation

http://www.securityfocus.com/bid/97687

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-2320

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-2320

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-2320

EUVD