CVE-2017-10601

Published Jul 17, 2017

Last updated 5 years ago

CVSS critical 9.8

Overview

Description: A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, telnet or su, etc., This issue relies upon a device configuration precondition to occur. Typically, device configurations are the result of a trusted administrative change to the system's running configuration. The following error messages may be seen when this failure occurs: mgd: error: commit failed: (statements constraint check failed) Warning: Commit failed, activating partial configuration. Warning: Edit the router configuration to fix these errors. If the administrative changes are not made that result in such a failure, then this issue is not seen. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.3 prior to 12.3R10, 12.3R11; 12.3X48 prior to 12.3X48-D20; 13.2 prior to 13.2R8; 13.3 prior to 13.3R7; 14.1 prior to 14.1R4-S12, 14.1R5, 14.1R6; 14.1X53 prior to 14.1X53-D30; 14.2 prior to 14.2R4; 15.1 prior to 15.1F2, 15.1F3, 15.1R2.
Source: sirt@juniper.net
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E014A0D-0054-4EBA-BA1F-035B74BD822F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0DD051A-E486-4A9D-A978-A5A980AAF237"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C240840-A6BC-4E3D-A60D-22F08E67E2B2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC90563F-6BCB-4D77-8FD4-584E3A6C7741"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AD03BA7-D9EC-420F-97C4-383F79D6873F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CAB7D840-9469-4CE2-8DBF-017A44741374"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3A0A607-7D3C-4F2A-B5F5-576A70649CB1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E9620A-7C0A-474C-919E-13609FFE580D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "672D3A38-92B4-4F33-82A6-B2D3F3403AF3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5C24441-6E9D-4EF7-8903-A109A52340C0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CB98C4F-617F-4F51-A86E-D1EBE2BDE583"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A24E3EA6-810D-4885-8BE5-8A70E61E7589"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "767182F3-E97B-4E21-8FD5-A50C9F42ED60"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r7-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8935F46F-084A-473E-94B1-011DA15D52AE"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:r7-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D252DA6-1269-42A0-A6DB-070AAC8396B2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4AF5DAA-62F5-491F-A9CE-098970671D43"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F2E537B-9504-4912-B231-0D83F4459469"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BCB3837-DCBC-4997-B63E-E47957584709"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C88E2B1-469B-442B-9FC0-7C9408CE3917"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FB5A368-E582-4DFD-87B4-C887DA908E47"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70ED0B93-2CFC-474F-B199-F78E1C67E8C7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79149AA0-17D1-4522-894F-C025F7A30FD7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30726286-7CB1-4E5D-AE44-2B4D84795900"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33BE028F-2961-414A-9D42-C4861566C2DC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E85AB30C-03FC-44DB-A8AA-B916A905CA66"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References