CVE-2017-10622

Published: Oct 13, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issue only affects Junos Space Network Management Platform 17.1R1 without Patch v1 and 16.1 releases prior to 16.1R3. This issue was found by an external security researcher.

Affected (4)

Products: Juniper: Junos Space

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos Space	Version 17.1 r1

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos Space	Version 16.1
Juniper Junos Space	Version 16.1 r1
Juniper Junos Space	Version 16.1 r2

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

http://www.securityfocus.com/bid/101258

Source: sirt@juniper.net

Third Party AdvisoryVDB Entry

https://kb.juniper.net/JSA10824

Source: sirt@juniper.net

Vendor Advisory

http://www.securityfocus.com/bid/101258

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://kb.juniper.net/JSA10824

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.