Junos Space: Authentication bypass vulnerability
CVE-2017-10622

9.8CRITICAL

Key Information:

Vendor: Juniper Networks
Status: Junos Space
Vendor: CVE Published:; 13 October 2017

Summary

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.

Affected Version(s)

Junos Space 17.1R1 without Patch-v1

Junos Space 16.1 releases prior to 16.1R3

References

https://kb.juniper.net/JSA10824

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101258

vdb-entryx_refsource_BID

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2017
Vulnerability Reserved
Jun 28, 2017

Collectors

NVD DatabaseMitre Database

Credit

Ilias Polychroniadis of NeuroSoft S.A. (Redyops Team)