Vulnerability Details : CVE-2017-2317
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause denials of services to underlying database tables leading to potential information disclosure, modification of system states, and partial to full denial of services relying upon data modified by an attacker.
Vulnerability category: Denial of serviceInformation leak
Products affected by CVE-2017-2317
- cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-2317
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 39 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-2317
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
8.6
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
3.9
|
4.7
|
NIST |
CWE ids for CVE-2017-2317
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-2317
-
http://www.securityfocus.com/bid/97652
Juniper NorthStar Controller Application CVE-2017-2317 Unspecified Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://kb.juniper.net/JSA10783
Juniper Networks - 2017-04 Security Bulletin: Multiple Vulnerabilities in NorthStar Controller Application before version 2.1.0 Service Pack 1.Mitigation;Vendor Advisory
Jump to