CVE-2017-10622
CRITICALJuniper Junos Space 16.1-16.1R3 and 17.1R1 - Unauthenticated Authentication Bypass
Title source: llmDescription
An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10824
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101258
Scores
CVSS v3
9.8
EPSS
0.2151
EPSS Percentile
95.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (4)
juniper/junos_space
17.1 r1
juniper/junos_space
16.1 (3 CPE variants)
Juniper Networks/Junos Space
16.1 releases prior to 16.1R3
Juniper Networks/Junos Space
17.1R1 without Patch-v1
Published
Oct 13, 2017
Tracked Since
Feb 18, 2026