CVE-2017-2320
CRITICALJuniper Networks NorthStar Controller <2.1.0 - DoS
Title source: llmDescription
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials of services leading to targeted information disclosure, modification of any component of the NorthStar system, including managed systems, and full denial of services to any systems under management which NorthStar interacts with using read-only or read-write credentials.
References (2)
Core 2
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10783
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/97687
Scores
CVSS v3
10.0
EPSS
0.0049
EPSS Percentile
65.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-200
Status
published
Products (2)
juniper/northstar_controller
< 2.1.0
Juniper Networks/NorthStar Controller Application
prior to version 2.1.0 Service Pack 1
Published
Apr 24, 2017
Tracked Since
Feb 18, 2026