CVE-2017-10622 — CRITICAL (9.8)

Vulnerability Description

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos Space	17.1

Related Weaknesses (CWE)

CWE-287

References

http://www.securityfocus.com/bid/101258Third Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10824Vendor Advisory
http://www.securityfocus.com/bid/101258Third Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10824Vendor Advisory

FAQ

What is CVE-2017-10622?

CVE-2017-10622 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue...

How severe is CVE-2017-10622?

CVE-2017-10622 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2017-10622?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos Space.