cvelistv5 - cve-2017-2322

CVE-2017-2322 (GCVE-0-2017-2322)

Vulnerability from cvelistv5 – Published: 2017-04-24 18:00 – Updated: 2024-08-05 13:48

Summary

Severity ?

No CVSS data available.

CWE

denial of service

Assigner

juniper

References

URL

Tags

	https://kb.juniper.net/JSA10783	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/97613	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Juniper Networks	NorthStar Controller Application	Affected: prior to version 2.1.0 Service Pack 1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:48:05.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10783"
          },
          {
            "name": "97613",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97613"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NorthStar Controller Application",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "prior to version 2.1.0 Service Pack 1"
            }
          ]
        }
      ],
      "datePublic": "2017-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-04-25T09:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10783"
        },
        {
          "name": "97613",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97613"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2017-2322",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NorthStar Controller Application",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to version 2.1.0 Service Pack 1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10783",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10783"
            },
            {
              "name": "97613",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97613"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2017-2322",
    "datePublished": "2017-04-24T18:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-08-05T13:48:05.247Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.1.0\", \"matchCriteriaId\": \"BBCC1859-771C-44AC-A4C1-AAA6A5E6C1BF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de denegaci\\u00f3n de servicio en Juniper Networks NorthStar Controller Application anterior a la versi\\u00f3n 2.1.0 Service Pack 1, puede permitir que un usuario autenticado provoque denegaciones de servicio generalizadas a los servicios del sistema consumiendo puertos TCP y UDP que normalmente est\\u00e1n reservados para otros servicios del sistema.\"}]",
      "id": "CVE-2017-2322",
      "lastModified": "2024-11-21T03:23:16.967",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-04-24T18:59:00.587",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/97613\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10783\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/97613\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10783\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-2322\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2017-04-24T18:59:00.587\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de denegaci\u00f3n de servicio en Juniper Networks NorthStar Controller Application anterior a la versi\u00f3n 2.1.0 Service Pack 1, puede permitir que un usuario autenticado provoque denegaciones de servicio generalizadas a los servicios del sistema consumiendo puertos TCP y UDP que normalmente est\u00e1n reservados para otros servicios del sistema.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.1.0\",\"matchCriteriaId\":\"BBCC1859-771C-44AC-A4C1-AAA6A5E6C1BF\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/97613\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10783\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97613\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10783\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
  }
}

GHSA-GVC9-VW59-3QXX

Vulnerability from github – Published: 2022-05-13 01:44 – Updated: 2022-05-13 01:44

Details

Severity ?

5.5 (Medium)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-2322"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-24T18:59:00Z",
    "severity": "MODERATE"
  },
  "details": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.",
  "id": "GHSA-gvc9-vw59-3qxx",
  "modified": "2022-05-13T01:44:45Z",
  "published": "2022-05-13T01:44:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2322"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10783"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97613"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2017-AVI-111

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Juniper EX Series avec IPv6
Juniper Networks	Junos OS	Junos OS versions 15.1 et postérieures avec BGP
Juniper Networks	N/A	NorthStar Controller Application antérieures à la version 2.1.0 SP1
Juniper Networks	Junos OS	Junos OS
Juniper Networks	N/A	Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif

References

Title

Publication Time

Tags

Bulletin de sécurité JSA10776 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10778 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10781 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10785 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10780 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10783 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10786 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10777 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10784 Juniper du 12 avril 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper EX Series avec IPv6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 et post\u00e9rieures avec BGP",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller Application ant\u00e9rieures \u00e0 la version 2.1.0 SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-9310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9310"
    },
    {
      "name": "CVE-2017-2322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2322"
    },
    {
      "name": "CVE-2015-7973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7973"
    },
    {
      "name": "CVE-2017-2316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2316"
    },
    {
      "name": "CVE-2017-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2328"
    },
    {
      "name": "CVE-2016-9131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9131"
    },
    {
      "name": "CVE-2015-1349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1349"
    },
    {
      "name": "CVE-2017-2333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2333"
    },
    {
      "name": "CVE-2015-5477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5477"
    },
    {
      "name": "CVE-2015-8158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2015-3456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3456"
    },
    {
      "name": "CVE-2016-7429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7429"
    },
    {
      "name": "CVE-2017-2319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2319"
    },
    {
      "name": "CVE-2013-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4450"
    },
    {
      "name": "CVE-2016-1886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1886"
    },
    {
      "name": "CVE-2016-9311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9311"
    },
    {
      "name": "CVE-2015-8138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
    },
    {
      "name": "CVE-2017-2334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2334"
    },
    {
      "name": "CVE-2017-2332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2332"
    },
    {
      "name": "CVE-2017-2340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2340"
    },
    {
      "name": "CVE-2017-2325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2325"
    },
    {
      "name": "CVE-2015-4620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4620"
    },
    {
      "name": "CVE-2017-2329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2329"
    },
    {
      "name": "CVE-2017-2318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2318"
    },
    {
      "name": "CVE-2017-2320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2320"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2016-7427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7427"
    },
    {
      "name": "CVE-2017-2330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2330"
    },
    {
      "name": "CVE-2017-2324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2324"
    },
    {
      "name": "CVE-2017-2317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2317"
    },
    {
      "name": "CVE-2016-1014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1014"
    },
    {
      "name": "CVE-2016-2776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2776"
    },
    {
      "name": "CVE-2015-7979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7979"
    },
    {
      "name": "CVE-2015-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3209"
    },
    {
      "name": "CVE-2017-2331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2331"
    },
    {
      "name": "CVE-2017-2326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2326"
    },
    {
      "name": "CVE-2017-2315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2315"
    },
    {
      "name": "CVE-2016-7431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
    },
    {
      "name": "CVE-2017-2313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2313"
    },
    {
      "name": "CVE-2017-2323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2323"
    },
    {
      "name": "CVE-2016-9147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9147"
    },
    {
      "name": "CVE-2017-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2327"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-8864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8864"
    },
    {
      "name": "CVE-2017-2321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2321"
    },
    {
      "name": "CVE-2017-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2312"
    },
    {
      "name": "CVE-2016-9444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9444"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-111",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10776 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10776\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10778 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10778\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10781 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10781\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10785 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10785\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10780 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10780\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10783 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10783\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10786 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10786\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10777 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10777\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10784 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10784\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2017-AVI-111

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Juniper EX Series avec IPv6
Juniper Networks	Junos OS	Junos OS versions 15.1 et postérieures avec BGP
Juniper Networks	N/A	NorthStar Controller Application antérieures à la version 2.1.0 SP1
Juniper Networks	Junos OS	Junos OS
Juniper Networks	N/A	Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif

References

Title

Publication Time

Tags

Bulletin de sécurité JSA10776 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10778 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10781 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10785 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10780 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10783 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10786 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10777 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10784 Juniper du 12 avril 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper EX Series avec IPv6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 et post\u00e9rieures avec BGP",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller Application ant\u00e9rieures \u00e0 la version 2.1.0 SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-9310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9310"
    },
    {
      "name": "CVE-2017-2322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2322"
    },
    {
      "name": "CVE-2015-7973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7973"
    },
    {
      "name": "CVE-2017-2316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2316"
    },
    {
      "name": "CVE-2017-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2328"
    },
    {
      "name": "CVE-2016-9131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9131"
    },
    {
      "name": "CVE-2015-1349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1349"
    },
    {
      "name": "CVE-2017-2333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2333"
    },
    {
      "name": "CVE-2015-5477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5477"
    },
    {
      "name": "CVE-2015-8158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2015-3456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3456"
    },
    {
      "name": "CVE-2016-7429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7429"
    },
    {
      "name": "CVE-2017-2319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2319"
    },
    {
      "name": "CVE-2013-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4450"
    },
    {
      "name": "CVE-2016-1886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1886"
    },
    {
      "name": "CVE-2016-9311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9311"
    },
    {
      "name": "CVE-2015-8138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
    },
    {
      "name": "CVE-2017-2334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2334"
    },
    {
      "name": "CVE-2017-2332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2332"
    },
    {
      "name": "CVE-2017-2340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2340"
    },
    {
      "name": "CVE-2017-2325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2325"
    },
    {
      "name": "CVE-2015-4620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4620"
    },
    {
      "name": "CVE-2017-2329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2329"
    },
    {
      "name": "CVE-2017-2318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2318"
    },
    {
      "name": "CVE-2017-2320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2320"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2016-7427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7427"
    },
    {
      "name": "CVE-2017-2330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2330"
    },
    {
      "name": "CVE-2017-2324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2324"
    },
    {
      "name": "CVE-2017-2317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2317"
    },
    {
      "name": "CVE-2016-1014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1014"
    },
    {
      "name": "CVE-2016-2776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2776"
    },
    {
      "name": "CVE-2015-7979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7979"
    },
    {
      "name": "CVE-2015-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3209"
    },
    {
      "name": "CVE-2017-2331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2331"
    },
    {
      "name": "CVE-2017-2326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2326"
    },
    {
      "name": "CVE-2017-2315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2315"
    },
    {
      "name": "CVE-2016-7431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
    },
    {
      "name": "CVE-2017-2313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2313"
    },
    {
      "name": "CVE-2017-2323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2323"
    },
    {
      "name": "CVE-2016-9147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9147"
    },
    {
      "name": "CVE-2017-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2327"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-8864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8864"
    },
    {
      "name": "CVE-2017-2321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2321"
    },
    {
      "name": "CVE-2017-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2312"
    },
    {
      "name": "CVE-2016-9444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9444"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-111",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10776 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10776\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10778 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10778\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10781 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10781\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10785 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10785\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10780 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10780\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10783 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10783\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10786 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10786\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10777 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10777\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10784 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10784\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

VAR-201704-0742

Vulnerability from variot - Updated: 2023-12-18 11:12

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services. Juniper NorthStar Controller Application is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. The controller optimizes a service provider's transport network by establishing open industry-standard protocols

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201704-0742",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "northstar controller",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "2.1.0"
      },
      {
        "model": "northstar controller",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "2.1.0 service pack 1"
      },
      {
        "model": "northstar controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "2.1.0"
      },
      {
        "model": "northstar controller application",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "2.1.0"
      },
      {
        "model": "northstar controller application service pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "2.1.01"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "97613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.1.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "97613"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2322",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 2.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2322",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-110525",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2322",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-2322",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201704-983",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110525",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110525"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services. Juniper NorthStar Controller Application is prone to a local denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition. The controller optimizes a service provider\u0027s transport network by establishing open industry-standard protocols",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "BID",
        "id": "97613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110525"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2322",
        "trust": 2.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA10783",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "97613",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-110525",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110525"
      },
      {
        "db": "BID",
        "id": "97613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "id": "VAR-201704-0742",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110525"
      }
    ],
    "trust": 0.65138886
  },
  "last_update_date": "2023-12-18T11:12:14.744000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10783",
        "trust": 0.8,
        "url": "https://kb.juniper.net/jsa10783"
      },
      {
        "title": "Juniper Networks NorthStar Controller Application Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70251"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-399",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110525"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/97613"
      },
      {
        "trust": 1.7,
        "url": "https://kb.juniper.net/jsa10783"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2322"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2322"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.3,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110525"
      },
      {
        "db": "BID",
        "id": "97613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-110525"
      },
      {
        "db": "BID",
        "id": "97613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-04-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110525"
      },
      {
        "date": "2017-04-12T00:00:00",
        "db": "BID",
        "id": "97613"
      },
      {
        "date": "2017-05-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "date": "2017-04-24T18:59:00.587000",
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "date": "2017-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110525"
      },
      {
        "date": "2017-04-18T01:05:00",
        "db": "BID",
        "id": "97613"
      },
      {
        "date": "2017-05-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2017-2322"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "97613"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Networks NorthStar Controller Service disruption to system services in applications  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003411"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-983"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2017-2322

Vulnerability from fkie_nvd - Published: 2017-04-24 18:59 - Updated: 2025-04-20 01:37

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
sirt@juniper.net	http://www.securityfocus.com/bid/97613	Third Party Advisory, VDB Entry
sirt@juniper.net	https://kb.juniper.net/JSA10783	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97613	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10783	Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	juniper	northstar_controller	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCC1859-771C-44AC-A4C1-AAA6A5E6C1BF",
              "versionEndIncluding": "2.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de denegaci\u00f3n de servicio en Juniper Networks NorthStar Controller Application anterior a la versi\u00f3n 2.1.0 Service Pack 1, puede permitir que un usuario autenticado provoque denegaciones de servicio generalizadas a los servicios del sistema consumiendo puertos TCP y UDP que normalmente est\u00e1n reservados para otros servicios del sistema."
    }
  ],
  "id": "CVE-2017-2322",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-24T18:59:00.587",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97613"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10783"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10783"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2017-2322

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-2322

Aliases

CVE-2017-2322

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-2322",
    "description": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.",
    "id": "GSD-2017-2322"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-2322"
      ],
      "details": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.",
      "id": "GSD-2017-2322",
      "modified": "2023-12-13T01:21:05.652939Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "ID": "CVE-2017-2322",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "NorthStar Controller Application",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "prior to version 2.1.0 Service Pack 1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "denial of service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA10783",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA10783"
          },
          {
            "name": "97613",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97613"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.1.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2017-2322"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10783",
              "refsource": "CONFIRM",
              "tags": [
                "Mitigation",
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10783"
            },
            {
              "name": "97613",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/97613"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-04-24T18:59Z"
    }
  }
}

CNVD-2017-06233

Vulnerability from cnvd - Published: 2017-05-09

Title

Juniper Networks NorthStar Controller拒绝服务漏洞（CNVD-2017-06233）

Description

Juniper Networks NorthStar Controller是一个功能强大且灵活的流量工程解决方案，可实现对运营商网络中的IP/MPLS流的精细可视化和控制。 Juniper Networks NorthStar Controller存在拒绝服务漏洞，认证用户可通过消耗通常保留给其他系统服务的TCP和UDP端口而导致系统服务的广泛不可用。

Severity

低

Patch Name

Juniper Networks NorthStar Controller拒绝服务漏洞（CNVD-2017-06233）的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10783&actp=METADATA

Reference

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10783&actp=METADATA https://nvd.nist.gov/vuln/detail/CVE-2017-2322 http://www.securityfocus.com/bid/97613

Impacted products

Name
Juniper Networks NorthStar Controller <=2.1.0

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "97613"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2322"
    }
  },
  "description": "Juniper Networks NorthStar Controller\u662f\u4e00\u4e2a\u529f\u80fd\u5f3a\u5927\u4e14\u7075\u6d3b\u7684\u6d41\u91cf\u5de5\u7a0b\u89e3\u51b3\u65b9\u6848\uff0c\u53ef\u5b9e\u73b0\u5bf9\u8fd0\u8425\u5546\u7f51\u7edc\u4e2d\u7684IP/MPLS\u6d41\u7684\u7cbe\u7ec6\u53ef\u89c6\u5316\u548c\u63a7\u5236\u3002\r\n\r\nJuniper Networks NorthStar Controller\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8ba4\u8bc1\u7528\u6237\u53ef\u901a\u8fc7\u6d88\u8017\u901a\u5e38\u4fdd\u7559\u7ed9\u5176\u4ed6\u7cfb\u7edf\u670d\u52a1\u7684TCP\u548cUDP\u7aef\u53e3\u800c\u5bfc\u81f4\u7cfb\u7edf\u670d\u52a1\u7684\u5e7f\u6cdb\u4e0d\u53ef\u7528\u3002",
  "discovererName": "Juniper Networks",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10783\u0026actp=METADATA",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-06233",
  "openTime": "2017-05-09",
  "patchDescription": "Juniper Networks NorthStar Controller\u662f\u4e00\u4e2a\u529f\u80fd\u5f3a\u5927\u4e14\u7075\u6d3b\u7684\u6d41\u91cf\u5de5\u7a0b\u89e3\u51b3\u65b9\u6848\uff0c\u53ef\u5b9e\u73b0\u5bf9\u8fd0\u8425\u5546\u7f51\u7edc\u4e2d\u7684IP/MPLS\u6d41\u7684\u7cbe\u7ec6\u53ef\u89c6\u5316\u548c\u63a7\u5236\u3002\r\n\r\nJuniper Networks NorthStar Controller\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8ba4\u8bc1\u7528\u6237\u53ef\u901a\u8fc7\u6d88\u8017\u901a\u5e38\u4fdd\u7559\u7ed9\u5176\u4ed6\u7cfb\u7edf\u670d\u52a1\u7684TCP\u548cUDP\u7aef\u53e3\u800c\u5bfc\u81f4\u7cfb\u7edf\u670d\u52a1\u7684\u5e7f\u6cdb\u4e0d\u53ef\u7528\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Networks NorthStar Controller\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-06233\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Juniper Networks NorthStar Controller \u003c=2.1.0"
  },
  "referenceLink": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10783\u0026actp=METADATA\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-2322\r\nhttp://www.securityfocus.com/bid/97613",
  "serverity": "\u4f4e",
  "submitTime": "2017-05-03",
  "title": "Juniper Networks NorthStar Controller\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-06233\uff09"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-2322 (GCVE-0-2017-2322)

GHSA-GVC9-VW59-3QXX

CERTFR-2017-AVI-111

Solution

CERTFR-2017-AVI-111

Solution

VAR-201704-0742

FKIE_CVE-2017-2322

GSD-2017-2322

CNVD-2017-06233

Tags

Sightings

Nomenclature