CVE-2017-10615

Published Oct 13, 2017

Last updated 7 years ago

CVSS critical 9.8

Overview

Description: A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue.
Source: sirt@juniper.net
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25E5D543-D779-482D-AA8A-6E77C1949FBD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A76DAC5-AEC4-47E8-9876-71EE5BAD73E2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex3300-vc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D32B9B26-8BF0-4C56-A9BF-D9BBAEA50506"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4200-vc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E0F54ADF-7C13-4AA6-B61E-627D4DBB1CF3"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4300-vc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "303ADB06-5CB5-44DA-8387-39FACC539EF0"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4500-vc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9D842407-7A13-47C7-BBC9-FB0E978221CB"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4550-vc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0B84C72A-C314-46FB-8DD8-1DF29C6C4B0D"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4600-vc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A3ECB975-D1A0-4318-9C5E-752A3C98F76F"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex6200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F6CC1C89-B37F-4C5F-9F79-12997C79711D"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex8200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4AFE829C-325D-4E66-A6A2-A81BE8BCAB72"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex8200-vc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B74B12A6-1CE2-4293-ABA5-E3F23E15485C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79149AA0-17D1-4522-894F-C025F7A30FD7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30726286-7CB1-4E5D-AE44-2B4D84795900"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33BE028F-2961-414A-9D42-C4861566C2DC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E85AB30C-03FC-44DB-A8AA-B916A905CA66"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D01CA25F-E1E1-4831-8561-D3B0300BF4A7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A117A0D6-6356-49DF-8B21-F6D47C6B8E94"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C31AA11-FA95-4927-9E48-D46BBE4945B1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "469B95AC-E779-43D2-A24F-B9CB6D5DB9B8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References