Denial of Service Vulnerability in Juniper Networks NorthStar Controller Application
CVE-2017-2317

8.6HIGH

Key Information:

Vendor: Juniper Networks
Status: Northstar Controller Application
Vendor: CVE Published:; 24 April 2017

Summary

A denial of service vulnerability exists in the Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1. This flaw may be exploited by an unauthenticated, unprivileged network-based attacker to disrupt services by targeting underlying database tables. Such exploitation could lead to significant operational disruptions, including potential unauthorized information disclosure and modification of system states, resulting in partial to complete denial of services that rely on the compromised data.

Affected Version(s)

NorthStar Controller Application prior to version 2.1.0 Service Pack 1

References

https://kb.juniper.net/JSA10783

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97652

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2017
Vulnerability Reserved
Dec 1, 2016