CVE-2017-2309

Published: May 30, 2017Modified: May 13, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

On Juniper Networks Junos Space versions prior to 16.1R1 when certificate based authentication is enabled for the Junos Space cluster, some restricted web services are accessible over the network. This represents an information leak risk.

Affected (1)

Products: Juniper: Junos Space

Juniper

1 product

Junos Space

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos Space	Up to 16.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/bid/98750

Source: sirt@juniper.net

Third Party AdvisoryVDB Entry

https://kb.juniper.net/JSA10770

Source: sirt@juniper.net

MitigationVendor Advisory

http://www.securityfocus.com/bid/98750

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://kb.juniper.net/JSA10770

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.