CVE-2017-2317

CWE-200Information Exposure4 documents4 sources
Severity
8.6HIGH
EPSS
0.5%
top 36.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Northstar ControllerJuniper Networks Northstar Controller Application
Timeline
PublishedApr 24
Latest updateMay 13

Description

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause denials of services to underlying database tables leading to potential information disclosure, modification of system states, and partial to full denial of services relying upon data modified by an attacker.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:HExploitability: 3.9 | Impact: 4.7

Affected Packages2 packages

CVEListV5juniper_networks/northstar_controller_applicationprior to version 2.1.0 Service Pack 1

🔴Vulnerability Details

2
GHSA
GHSA-8g9g-j6p5-3x9c: A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 22022-05-13
CVEList
CVE-2017-2317: A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 22017-04-24

📋Vendor Advisories

1
Juniper
CVE-2017-2317: A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthentica2017-04-24