CVE-2017-2330

CWE-8345 documents5 sources
Severity
6.2MEDIUM
EPSS
0.0%
top 84.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Northstar ControllerJuniper Networks Northstar Controller Application
Timeline
PublishedApr 24
Latest updateMay 13

Description

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted. Continued attacks by an unauthenticated, local user, can lead to persistent denial

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.5 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/northstar_controller_applicationprior to version 2.1.0 Service Pack 1

🔴Vulnerability Details

2
GHSA
GHSA-w879-475f-rqqc: A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 22022-05-13
CVEList
CVE-2017-2330: A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 22017-04-24

📋Vendor Advisories

1
Juniper
CVE-2017-2330: A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthentica2017-04-24

💬Community

1
Bugzilla
CVE-2017-14160 libvorbis: Out-of-bounds read in the bark_noise_hybridmp function2017-10-09