Vulnerability Description
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and malicious execution of commands causing out of bound memory conditions leading to other attacks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Northstar Controller | <= 2.1.0 |
References
- http://www.securityfocus.com/bid/97693Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10783MitigationVendor Advisory
- http://www.securityfocus.com/bid/97693Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10783MitigationVendor Advisory
FAQ
What is CVE-2017-2321?
CVE-2017-2321 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system se...
How severe is CVE-2017-2321?
CVE-2017-2321 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2321?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Northstar Controller.