Description
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and malicious execution of commands causing out of bound memory conditions leading to other attacks.
References (2)
Core 2
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10783
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/97693
Scores
CVSS v3
8.6
EPSS
0.0075
EPSS Percentile
73.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Details
Status
published
Products (2)
juniper/northstar_controller
< 2.1.0
Juniper Networks/NorthStar Controller Application
prior to version 2.1.0 Service Pack 1
Published
Apr 24, 2017
Tracked Since
Feb 18, 2026