{"containers": {"cna": {"affected": [{"product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "15.1X53 prior to 15.1X53-D47"}, {"status": "affected", "version": "15.1 prior to 15.1R3"}]}], "datePublic": "2017-07-12T00:00:00", "descriptions": [{"lang": "en", "value": "An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15.1 prior to 15.1R3. Junos versions prior to 15.1 are not affected. No other Juniper Networks products or platforms are affected by this issue."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "XML injection", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-15T09:57:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"name": "1038901", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038901"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10805"}], "title": "Junos OS: Local XML Injection through CLI command can lead to privilege escalation", "workarounds": [{"lang": "en", "value": "There is no direct workaround to completely eliminate the risk of this vulnerability.\n\nUse access lists or firewall filters to limit access to the router's CLI only from trusted hosts. Restrict access to the CLI to only highly trusted administrators."}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2017-07-12T09:00", "ID": "CVE-2017-10603", "STATE": "PUBLIC", "TITLE": "Junos OS: Local XML Injection through CLI command can lead to privilege escalation"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "", "version_value": "15.1X53 prior to 15.1X53-D47"}, {"platform": "", "version_value": "15.1 prior to 15.1R3"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [], "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15.1 prior to 15.1R3. Junos versions prior to 15.1 are not affected. No other Juniper Networks products or platforms are affected by this issue."}]}, "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "XML injection"}]}]}, "references": {"reference_data": [{"name": "1038901", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038901"}, {"name": "https://kb.juniper.net/JSA10805", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10805"}]}, "solution": "The following software releases have been updated to resolve this specific issue: Junos OS 15.1X53-D47, 15.1R3, and all subsequent releases.\nThis issue is being tracked as PR 1091037 and is visible on the Customer Support website.", "work_around": [{"lang": "en", "value": "There is no direct workaround to completely eliminate the risk of this vulnerability.\n\nUse access lists or firewall filters to limit access to the router's CLI only from trusted hosts. Restrict access to the CLI to only highly trusted administrators."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T17:41:55.531Z"}, "title": "CVE Program Container", "references": [{"name": "1038901", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1038901"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA10805"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2017-10603", "datePublished": "2017-07-14T14:00:00Z", "dateReserved": "2017-06-28T00:00:00", "dateUpdated": "2024-09-16T19:36:28.432Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*", "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*", "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*", "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*", "matchCriteriaId": "1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*", "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*", "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*", "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*", "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*", "matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*", "matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*", "matchCriteriaId": "83AB8877-3DC0-4B8C-B864-1BF18C368337", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*", "matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*", "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*", "matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*", "matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*", "matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*", "matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*", "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*", "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*", "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*", "matchCriteriaId": "BD332D86-5DA7-49A4-98C3-E4D946832DC1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*", "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*", "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15.1 prior to 15.1R3. Junos versions prior to 15.1 are not affected. No other Juniper Networks products or platforms are affected by this issue."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n XML en la CLI de Junos OS puede permitir que un usuario autenticado localmente eleve privilegios y ejecute comandos arbitrarios como el usuario root. Este problema se detect\u00f3 durante las pruebas internas de seguridad del producto. Las versiones afectadas son Juniper Networks Junos OS versi\u00f3n 15.1X53 anterior a 15.1X53-D47, versi\u00f3n 15.1 anterior a 15.1R3. Las versiones de Junos anteriores a 15.1 no se ven afectadas. Ning\u00fan otro producto o plataforma de Juniper Networks se ve afectado por este problema."}], "id": "CVE-2017-10603", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "sirt@juniper.net", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-17T13:18:18.687", "references": [{"source": "sirt@juniper.net", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038901"}, {"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10805"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038901"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10805"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-91"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}