CVE-2017-2341
HIGHJuniper Networks Junos OS <14.1X53-D40 - Privilege Escalation
Title source: llmDescription
An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10787
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038893
Scores
CVSS v3
8.8
EPSS
0.0019
EPSS Percentile
40.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (15)
juniper/junos
14.1x53
juniper/junos
14.1x53-d10
juniper/junos
14.1x53-d15
juniper/junos
14.1x53-d25
juniper/junos
14.1x53-d26
juniper/junos
14.1x53-d27
juniper/junos
14.1x53-d30
juniper/junos
14.1x53-d35
juniper/junos
15.1 (17 CPE variants)
juniper/junos
15.1x49 (11 CPE variants)
... and 5 more
Published
Jul 17, 2017
Tracked Since
Feb 18, 2026