Multiple vulnerabilities in Juniper Junos
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2017-2343 CVE-2017-2345 CVE-2017-10601 |
| CWE-ID | CWE-798 CWE-20 CWE-287 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Juniper Junos OS Operating systems & Components / Operating system Juniper Junos Space Server applications / Remote management servers, RDP, SSH |
| Vendor | Juniper Networks, Inc. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Security restrictions bypass
EUVDB-ID: #VU7508
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-2343
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain root access to the target system.
The weakness exists due to use of hard-coded authentication credentials by the Integrated User Firewall feature. A remote attacker can pass these credentials in clear text or in an encrypted format and gain control of the target system, other SRX Series devices in the same environment and Active Directory servers and services.
Successful exploitation of the vulnerability results in full control over the system.
Update to version 12.3X48-D35, 15.1X49-D50.
Vulnerable software versionsJuniper Junos OS: 12.3X48-D30 - 15.1X49
CPE2.3- cpe:2.3:o:juniper_networks:juniper_junos_os:12.3x48:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:15.1X49:*:*:*:*:*:*:*
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10791
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper input validation
EUVDB-ID: #VU7510
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-2345
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code.
The weakness exists due to insufficient validation of user-supplied data. A remote attacker can send a specially crafted SNMP packet to the target routing engine, cause the snmpd daemon to crash or execute arbitrary code on the system.
Successful exploitation of the vulnerability may result in system compromise.
The vulnerability is addressed in the following versions:
12.1X46-D67, 12.3X48-D51, 12.3X48-D55, 13.3R10-S2, 14.1R2-S10, 14.1R8-S4, 14.1R9, 14.1X53-D122, 14.1X53-D44, 14.1X53-D50, 14.2R7-S7, 14.2R8, 15.1F2-S18, 15.1F6-S7, 15.1R4-S8, 15.1R5-S5, 15.1R6-S1, 15.1R7, 15.1X49-D100, 15.1X53-D231, 15.1X53-D47, 15.1X53-D48, 15.1X53-D57, 15.1X53-D64, 15.1X53-D70, 16.1R3-S4, 16.1R4-S3, 16.1R5, 16.2R2, 17.1R1-S3, 17.1R2, 17.2R1-S1, 17.2R2, 17.3R1.
Juniper Junos OS: 10.2 - 16.1
Juniper Junos Space: 12.1 - 15.1
CPE2.3- cpe:2.3:o:juniper_networks:juniper_junos_os:10.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:10.3:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:10.4:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:11.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:11.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:11.3:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:12.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:12.2:*:*:*:*:*:*:*
- cpe:2.3:a:juniper_networks:juniper_junos_space:12.1:*:*:*:*:*:*:*
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10793
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Authentication bypass
EUVDB-ID: #VU7509
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-10601
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication on the target system.
The weakness exists due to a specific device configuration error. A remote attacker can bypass password-based authentication and gain access to the target system.
The vulnerability is addressed in the following versions:
12.3R10, 12.3R11, 12.3X48-D20, 13.2R8, 13.3R7, 14.1R4-S12, 14.1R5, 14.1R6, 14.1X53-D30, 14.2R4, 15.1F2, 15.1F3, 15.1R2, 15.1X49-D10, 16.1R1.
Juniper Junos OS: 12.3x48 - 15.1
Juniper Junos Space: 12.3
CPE2.3- cpe:2.3:o:juniper_networks:juniper_junos_os:12.3x48:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:13.3:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:14.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:14.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper_networks:juniper_junos_os:15.1:*:*:*:*:*:*:*
- cpe:2.3:a:juniper_networks:juniper_junos_space:12.3:*:*:*:*:*:*:*
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10802
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
