CVE-2017-2321

5 documents5 sources

Severity

8.6HIGH

EPSS

0.7%

top 26.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Northstar Controller Juniper Networks Northstar Controller Application

Timeline

PublishedApr 24

Latest updateMay 13

Description

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and …

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:HExploitability: 3.9 | Impact: 4.7

Affected Packages2 packages

▶CVEListV5juniper_networks/northstar_controller_applicationprior to version 2.1.0 Service Pack 1

▶NVDjuniper/northstar_controller2.1.0

🔴Vulnerability Details

GHSA

GHSA-6phr-4r76-8mwj: A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2↗2022-05-13

▶

CVEList

CVE-2017-2321: A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2↗2017-04-24

▶

💥Exploits & PoCs

Nuclei

ZTE Cable Modem Web Shell

▶

📋Vendor Advisories

Juniper

CVE-2017-2321: A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged,↗2017-04-24

▶