CVE-2017-2341 - OpenCVE

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Acx5000 Ex4600 Junos Nfx250 Qfx10002 Qfx10008 Qfx10016 Qfx5110 Qfx5200 Srx1500 Srx4100 Srx4200 Vsrx

Configuration 1 [-]

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d10:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d15:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d25:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d26:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d27:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d30:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d35:::::::*

cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d10:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d15:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d25:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d26:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d27:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d30:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d35:::::::*

cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d10:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d15:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d25:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d26:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d27:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d30:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d35:::::::*

cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d10:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d15:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d25:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d26:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d27:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d30:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d35:::::::*

cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d10:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d15:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d25:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d26:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d27:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d30:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d35:::::::*

cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d10:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d15:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d25:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d26:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d27:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d30:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d35:::::::*

cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

OR	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d10:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d15:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d25:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d26:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d27:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d30:::::::*
	cpe:2.3:o:juniper:junos:14.1x53-d35:::::::*

cpe:2.3:h:juniper:nfx250:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

OR	cpe:2.3:o:juniper:junos:15.1:::::::*
	cpe:2.3:o:juniper:junos:15.1:a1::::::
	cpe:2.3:o:juniper:junos:15.1:f1::::::
	cpe:2.3:o:juniper:junos:15.1:f2::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s1::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s2::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s3::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s4::::::
	cpe:2.3:o:juniper:junos:15.1:f3::::::
	cpe:2.3:o:juniper:junos:15.1:f4::::::
	cpe:2.3:o:juniper:junos:15.1:f5::::::
	cpe:2.3:o:juniper:junos:15.1:f6::::::
	cpe:2.3:o:juniper:junos:15.1:f7::::::
	cpe:2.3:o:juniper:junos:15.1:r1::::::
	cpe:2.3:o:juniper:junos:15.1:r2::::::
	cpe:2.3:o:juniper:junos:15.1:r3::::::
	cpe:2.3:o:juniper:junos:15.1:r4::::::

cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

OR	cpe:2.3:o:juniper:junos:15.1x49:::::::*
	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
	cpe:2.3:o:juniper:junos:15.1x49:d20::::::
	cpe:2.3:o:juniper:junos:15.1x49:d30::::::
	cpe:2.3:o:juniper:junos:15.1x49:d35::::::
	cpe:2.3:o:juniper:junos:15.1x49:d40::::::
	cpe:2.3:o:juniper:junos:15.1x49:d45::::::
	cpe:2.3:o:juniper:junos:15.1x49:d50::::::
	cpe:2.3:o:juniper:junos:15.1x49:d55::::::
	cpe:2.3:o:juniper:junos:15.1x49:d60::::::
	cpe:2.3:o:juniper:junos:15.1x49:d65::::::

cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

OR	cpe:2.3:o:juniper:junos:15.1x49:::::::*
	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
	cpe:2.3:o:juniper:junos:15.1x49:d20::::::
	cpe:2.3:o:juniper:junos:15.1x49:d30::::::
	cpe:2.3:o:juniper:junos:15.1x49:d35::::::
	cpe:2.3:o:juniper:junos:15.1x49:d40::::::
	cpe:2.3:o:juniper:junos:15.1x49:d45::::::
	cpe:2.3:o:juniper:junos:15.1x49:d50::::::
	cpe:2.3:o:juniper:junos:15.1x49:d55::::::
	cpe:2.3:o:juniper:junos:15.1x49:d60::::::
	cpe:2.3:o:juniper:junos:15.1x49:d65::::::

cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:juniper:junos:15.1x49:::::::*
	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
	cpe:2.3:o:juniper:junos:15.1x49:d20::::::
	cpe:2.3:o:juniper:junos:15.1x49:d30::::::
	cpe:2.3:o:juniper:junos:15.1x49:d35::::::
	cpe:2.3:o:juniper:junos:15.1x49:d40::::::
	cpe:2.3:o:juniper:junos:15.1x49:d45::::::
	cpe:2.3:o:juniper:junos:15.1x49:d50::::::
	cpe:2.3:o:juniper:junos:15.1x49:d55::::::
	cpe:2.3:o:juniper:junos:15.1x49:d60::::::
	cpe:2.3:o:juniper:junos:15.1x49:d65::::::

cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

OR	cpe:2.3:o:juniper:junos:15.1x49:::::::*
	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
	cpe:2.3:o:juniper:junos:15.1x49:d20::::::
	cpe:2.3:o:juniper:junos:15.1x49:d30::::::
	cpe:2.3:o:juniper:junos:15.1x49:d35::::::
	cpe:2.3:o:juniper:junos:15.1x49:d40::::::
	cpe:2.3:o:juniper:junos:15.1x49:d45::::::
	cpe:2.3:o:juniper:junos:15.1x49:d50::::::
	cpe:2.3:o:juniper:junos:15.1x49:d55::::::
	cpe:2.3:o:juniper:junos:15.1x49:d60::::::
	cpe:2.3:o:juniper:junos:15.1x49:d65::::::

cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

OR	cpe:2.3:o:juniper:junos:16.1:::::::*
	cpe:2.3:o:juniper:junos:16.1:r1::::::

cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

OR	cpe:2.3:o:juniper:junos:16.1:::::::*
	cpe:2.3:o:juniper:junos:16.1:r1::::::

cpe:2.3:h:juniper:acx5000:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securitytracker.com/id/1038893
https://kb.juniper.net/JSA10787

History

No history.

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2017-07-14T14:00:00Z

Updated: 2024-09-16T18:48:59.443Z

Reserved: 2016-12-01T00:00:00

Link: CVE-2017-2341

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-07-17T13:18:24.237

Modified: 2019-10-09T23:26:44.587

Link: CVE-2017-2341

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object