CVE-2017-10602

A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9, 14.2R6; 15.1 versions prior to 15.1F5, 15.1R3; 15.1X49 versions prior to 15.1X49-D40 on SRX Series; 15.1X53 versions prior to 15.1X53-D47 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D65 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200.
Configurations

Configuration 1 (hide)

cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.2:r4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.2:r5:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x49-d10:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x49-d20:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x49-d30:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x49-d35:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*

History

21 Nov 2024, 03:06

Type Values Removed Values Added
CVSS v2 : 7.2
v3 : 7.8
v2 : 7.2
v3 : 7.0
References () http://www.securityfocus.com/bid/100323 - () http://www.securityfocus.com/bid/100323 -
References () http://www.securitytracker.com/id/1038900 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1038900 - Third Party Advisory, VDB Entry
References () https://kb.juniper.net/JSA10803 - Vendor Advisory () https://kb.juniper.net/JSA10803 - Vendor Advisory

Information

Published : 2017-07-17 13:18

Updated : 2024-11-21 03:06


NVD link : CVE-2017-10602

Mitre link : CVE-2017-10602

CVE.ORG link : CVE-2017-10602


JSON object : View

Products Affected

juniper

  • junos
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer