CVE-2017-10602 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Networks Junos OS

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 78.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +2 more

Timeline

PublishedJul 17

Latest updateMay 14

Description

A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9, 14.2R6; 15.1 versions prior…

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

▶CVEListV5juniper_networks/junos_os14.1X53 — 14.1X53-D46+7

▶NVDjuniper/junos9 versions+8

▶juniperjuniper/junos_os

▶juniperjuniper/qfx_series

▶juniperjuniper/srx_series

🔴Vulnerability Details

GHSA

GHSA-v8x4-rv99-r6c5: A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute cod↗2022-05-14

▶

📋Vendor Advisories

Juniper

CVE-2017-10602: A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute cod↗2017-07-17

▶