Junos Space: Insufficient verification of cluster messages
CVE-2017-10623

7.1HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Space
Vendor: CVE Published:; 13 October 2017

Summary

Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operations between two nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

Affected Version(s)

Junos Space versions prior to 17.1R1

References

https://kb.juniper.net/JSA10826

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2017
Vulnerability Reserved
Jun 28, 2017

Collectors

NVD DatabaseMitre Database