Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2017-10615 | First vendor Publication | 2017-10-13 |
Vendor | Cve | Last vendor Modification | 2018-01-05 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 9.8 | ||
Base Score | 9.8 | Environmental Score | 9.8 |
impact SubScore | 5.9 | Temporal Score | 9.8 |
Exploitabality Sub Score | 3.9 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10615 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-10-20 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10818.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
CONFIRM | https://kb.juniper.net/JSA10818 |
SECTRACK | http://www.securitytracker.com/id/1040039 |
Alert History
Date | Informations |
---|---|
2024-02-02 01:43:16 |
|
2024-02-01 12:12:11 |
|
2023-09-05 12:41:17 |
|
2023-09-05 01:11:55 |
|
2023-09-02 12:41:04 |
|
2023-09-02 01:12:12 |
|
2023-08-12 12:44:32 |
|
2023-08-12 01:11:41 |
|
2023-08-11 12:39:11 |
|
2023-08-11 01:12:01 |
|
2023-08-06 12:37:54 |
|
2023-08-06 01:11:40 |
|
2023-08-04 12:38:04 |
|
2023-08-04 01:11:44 |
|
2023-07-14 12:38:05 |
|
2023-07-14 01:11:44 |
|
2023-03-29 01:39:52 |
|
2023-03-28 12:12:01 |
|
2022-10-11 12:34:00 |
|
2022-10-11 01:11:39 |
|
2021-05-04 12:55:43 |
|
2021-04-22 02:08:10 |
|
2020-05-23 00:54:45 |
|
2019-04-16 12:07:56 |
|
2018-01-05 09:24:00 |
|
2017-11-02 21:23:55 |
|
2017-10-21 13:25:07 |
|
2017-10-13 21:24:21 |
|