// For flags

CVE-2017-10602

Junos OS: buffer overflow vulnerability in Junos CLI

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9, 14.2R6; 15.1 versions prior to 15.1F5, 15.1R3; 15.1X49 versions prior to 15.1X49-D40 on SRX Series; 15.1X53 versions prior to 15.1X53-D47 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D65 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200.

Una vulnerabilidad de desbordamiento de búfer en la CLI de Junos OS puede permitir que un usuario autenticado local con privilegios de solo lectura y acceso a la CLI de Junos ejecute código con privilegios root. Las versiones afectadas son Juniper Networks Junos OS: versión 14.1X53 y versiones anteriores a 14.1X53-D46 en EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; Versiones 14.1X53 anteriores a 14.1X53-D130 en QFabric System; versión 14.2 y versiones anteriores a 14.2R4-S9, 14.2R6; versión 15.1 y versiones anteriores a 15.1F5, 15.1R3; versión 15.1X49 anteriores a 15.1X49-D40 en la serie SRX; versión 15.1X53 anteriores a 15.1X53-D47 en NFX150, NFX250; versión 15.1X53 anteriores a 15.1X53-D65 en la serie QFX10000; versión 15.1X53 anteriores a 15.1X53-D233 en QFX5110, QFX5200.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-06-28 CVE Reserved
  • 2017-07-14 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
14.1x53
Search vendor "Juniper" for product "Junos" and version "14.1x53"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
14.2
Search vendor "Juniper" for product "Junos" and version "14.2"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
14.2
Search vendor "Juniper" for product "Junos" and version "14.2"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
14.2
Search vendor "Juniper" for product "Junos" and version "14.2"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
14.2
Search vendor "Juniper" for product "Junos" and version "14.2"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
14.2
Search vendor "Juniper" for product "Junos" and version "14.2"
r4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
14.2
Search vendor "Juniper" for product "Junos" and version "14.2"
r5
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
a1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f2-s3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f2-s4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
f6
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1
Search vendor "Juniper" for product "Junos" and version "15.1"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49-d10
Search vendor "Juniper" for product "Junos" and version "15.1x49-d10"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49-d20
Search vendor "Juniper" for product "Junos" and version "15.1x49-d20"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49-d30
Search vendor "Juniper" for product "Junos" and version "15.1x49-d30"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49-d35
Search vendor "Juniper" for product "Junos" and version "15.1x49-d35"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d10
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d20
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d21
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d25
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d30
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d32
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d33
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d34
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d40
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d45
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x53
Search vendor "Juniper" for product "Junos" and version "15.1x53"
d70
Affected