CVE-2017-10623

HIGH

Juniper Networks Junos Space < 17.1R1 - Unauthenticated Cluster Message Interception and Injection

Title source: llm
STIX 2.1

Description

Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operations between two nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10826

Scores

CVSS v3 7.1
EPSS 0.0023
EPSS Percentile 46.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-287
Status published
Products (2)
juniper/junos_space < 16.2
Juniper Networks/Junos Space versions prior to 17.1R1
Published Oct 13, 2017
Tracked Since Feb 18, 2026