Network-Based Attack Vulnerability in Juniper Networks NorthStar Controller Application
CVE-2017-2321

8.6HIGH

Key Information:

Vendor: Juniper Networks
Status: Northstar Controller Application
Vendor: CVE Published:; 24 April 2017

Summary

The Juniper Networks NorthStar Controller Application has a vulnerability that allows an unprivileged and unauthenticated attacker to exploit several service disruptions. Attackers can utilize various methods such as man-in-the-middle attacks, file injections, and command execution to create conditions that can lead to partial or complete denial of service, modification of system states and files, and potential exposure of sensitive information. This information can aid in further attacks, making the system increasingly vulnerable.

Affected Version(s)

NorthStar Controller Application prior to version 2.1.0 Service Pack 1

References

https://kb.juniper.net/JSA10783

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97693

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2017
Vulnerability Reserved
Dec 1, 2016