Command Injection Vulnerability in Juniper Networks NorthStar Controller
CVE-2017-2324

5.3MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Northstar Controller Application
Vendor: CVE Published:; 24 April 2017

Summary

The vulnerability in Juniper Networks' NorthStar Controller Application prior to version 2.1.0 Service Pack 1 allows attackers to exploit command injection, potentially resulting in a denial of service condition. This vulnerability enables unauthorized network-based actors to execute malicious commands within the application environment, disrupting normal operations and affecting network management capabilities. The flaw underscores the importance of keeping software updated to mitigate risks associated with exploitation.

Affected Version(s)

NorthStar Controller Application prior to version 2.1.0 Service Pack 1

References

https://kb.juniper.net/JSA10783

x_refsource_CONFIRM

http://www.securityfocus.com/bid/97604

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2017
Vulnerability Reserved
Dec 1, 2016