8.8

CVE-2017-2341

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version14.1x53
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53-d10
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53-d15
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53-d25
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53-d26
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53-d27
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53-d30
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53-d35
   JuniperQfx5110 Version-
JuniperJunos Version14.1x53
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53-d10
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53-d15
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53-d25
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53-d26
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53-d27
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53-d30
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53-d35
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53-d10
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53-d15
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53-d25
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53-d26
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53-d27
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53-d30
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53-d35
   JuniperQfx10002 Version-
JuniperJunos Version14.1x53
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53-d10
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53-d15
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53-d25
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53-d26
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53-d27
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53-d30
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53-d35
   JuniperQfx10008 Version-
JuniperJunos Version14.1x53
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53-d10
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53-d15
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53-d25
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53-d26
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53-d27
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53-d30
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53-d35
   JuniperQfx10016 Version-
JuniperJunos Version14.1x53
   JuniperEx4600 Version-
JuniperJunos Version14.1x53-d10
   JuniperEx4600 Version-
JuniperJunos Version14.1x53-d15
   JuniperEx4600 Version-
JuniperJunos Version14.1x53-d25
   JuniperEx4600 Version-
JuniperJunos Version14.1x53-d26
   JuniperEx4600 Version-
JuniperJunos Version14.1x53-d27
   JuniperEx4600 Version-
JuniperJunos Version14.1x53-d30
   JuniperEx4600 Version-
JuniperJunos Version14.1x53-d35
   JuniperEx4600 Version-
JuniperJunos Version14.1x53
   JuniperNfx250 Version-
JuniperJunos Version14.1x53-d10
   JuniperNfx250 Version-
JuniperJunos Version14.1x53-d15
   JuniperNfx250 Version-
JuniperJunos Version14.1x53-d25
   JuniperNfx250 Version-
JuniperJunos Version14.1x53-d26
   JuniperNfx250 Version-
JuniperJunos Version14.1x53-d27
   JuniperNfx250 Version-
JuniperJunos Version14.1x53-d30
   JuniperNfx250 Version-
JuniperJunos Version14.1x53-d35
   JuniperNfx250 Version-
JuniperJunos Version15.1
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatea1
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef1
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef2
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef2-s1
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef2-s2
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef2-s3
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef2-s4
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef3
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef4
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef5
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef6
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updatef7
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updater1
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updater2
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updater3
   JuniperEx4600 Version-
JuniperJunos Version15.1 Updater4
   JuniperEx4600 Version-
JuniperJunos Version15.1x49
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated10
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated20
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated30
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated35
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated40
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated45
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated50
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated55
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated60
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated65
   JuniperVsrx Version-
JuniperJunos Version15.1x49
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated10
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated20
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated30
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated35
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated40
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated45
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated50
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated55
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated60
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49 Updated65
   JuniperSrx1500 Version-
JuniperJunos Version15.1x49
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated10
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated20
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated30
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated35
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated40
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated45
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated50
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated55
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated60
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49 Updated65
   JuniperSrx4100 Version-
JuniperJunos Version15.1x49
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated10
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated20
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated30
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated35
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated40
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated45
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated50
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated55
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated60
   JuniperSrx4200 Version-
JuniperJunos Version15.1x49 Updated65
   JuniperSrx4200 Version-
JuniperJunos Version16.1
   JuniperEx4600 Version-
JuniperJunos Version16.1 Updater1
   JuniperEx4600 Version-
JuniperJunos Version16.1
   JuniperAcx5000 Version-
JuniperJunos Version16.1 Updater1
   JuniperAcx5000 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.19% 0.413
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.8 2 6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
sirt@juniper.net 8.8 2 6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securitytracker.com/id/1038893
Third Party Advisory
VDB Entry