{"containers": {"cna": {"affected": [{"product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9"}, {"status": "affected", "version": "14.1X53 prior to 14.1X53-D50"}, {"status": "affected", "version": "14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8"}]}], "datePublic": "2017-10-11T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "remote code execution vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T10:57:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10818"}, {"name": "1040039", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040039"}], "title": "Junos: Potential remote code execution vulnerability in PAM", "workarounds": [{"lang": "en", "value": "There are no viable workarounds for this issue."}, {"lang": "en", "value": "It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the router only from trusted, administrative networks or hosts.\n\nThe risk of malicious exploitation can be reduced by disabling services if they are not being used. "}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2017-10-11T09:00", "ID": "CVE-2017-10615", "STATE": "PUBLIC", "TITLE": "Junos: Potential remote code execution vulnerability in PAM"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "", "version_value": "14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9"}, {"platform": "", "version_value": "14.1X53 prior to 14.1X53-D50"}, {"platform": "", "version_value": "14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [], "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue."}]}, "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "remote code execution vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA10818", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10818"}, {"name": "1040039", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040039"}]}, "solution": "The following software releases have been updated to resolve this specific issue: 14.1R8-S4, 14.1R9, 14.1X53-D50, 14.2R7-S8, 14.2R8 and all subsequent and all subsequent releases.\n\nThis issue is being tracked as PR 1192119 and is visible on the Customer Support website.\n\nNote: Other Junos OS releases may contain a change for PR 1192119, but are not affected by this issue.", "work_around": [{"lang": "en", "value": "There are no viable workarounds for this issue."}, {"lang": "en", "value": "It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the router only from trusted, administrative networks or hosts.\n\nThe risk of malicious exploitation can be reduced by disabling services if they are not being used. "}]}}}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2017-10615", "datePublished": "2017-10-11T00:00:00", "dateReserved": "2017-06-28T00:00:00", "dateUpdated": "2018-01-04T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*", "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*", "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*", "matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*", "matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*", "matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*", "matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*", "matchCriteriaId": "25E5D543-D779-482D-AA8A-6E77C1949FBD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r9:*:*:*:*:*:*", "matchCriteriaId": "8A76DAC5-AEC4-47E8-9876-71EE5BAD73E2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*", "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*", "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*", "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*", "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*", "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*", "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*", "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*", "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*", "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*", "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex3300-vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32B9B26-8BF0-4C56-A9BF-D9BBAEA50506", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*", "matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4200-vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0F54ADF-7C13-4AA6-B61E-627D4DBB1CF3", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*", "matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4300-vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "303ADB06-5CB5-44DA-8387-39FACC539EF0", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4500-vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D842407-7A13-47C7-BBC9-FB0E978221CB", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4550-vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B84C72A-C314-46FB-8DD8-1DF29C6C4B0D", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex4600-vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3ECB975-D1A0-4318-9C5E-752A3C98F76F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex6200:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6CC1C89-B37F-4C5F-9F79-12997C79711D", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex8200:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AFE829C-325D-4E66-A6A2-A81BE8BCAB72", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:ex8200-vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "B74B12A6-1CE2-4293-ABA5-E3F23E15485C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*", "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*", "matchCriteriaId": "79149AA0-17D1-4522-894F-C025F7A30FD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*", "matchCriteriaId": "30726286-7CB1-4E5D-AE44-2B4D84795900", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*", "matchCriteriaId": "33BE028F-2961-414A-9D42-C4861566C2DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r4:*:*:*:*:*:*", "matchCriteriaId": "E85AB30C-03FC-44DB-A8AA-B916A905CA66", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r5:*:*:*:*:*:*", "matchCriteriaId": "D01CA25F-E1E1-4831-8561-D3B0300BF4A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r6:*:*:*:*:*:*", "matchCriteriaId": "A117A0D6-6356-49DF-8B21-F6D47C6B8E94", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r7:*:*:*:*:*:*", "matchCriteriaId": "8C31AA11-FA95-4927-9E48-D46BBE4945B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:r8:*:*:*:*:*:*", "matchCriteriaId": "469B95AC-E779-43D2-A24F-B9CB6D5DB9B8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue."}, {"lang": "es", "value": "Una vulnerabilidad en el PAM (Pluggable Authentication Module) de Juniper Networks Junos OS podr\u00eda permitir a un atacante no autenticado en la red que ejecute c\u00f3digo arbitrario o cierre de manera inesperada demonios, como telnetd o sshd, que utilicen PAM. Las distribuciones afectadas de Juniper Networks Junos OS son: 14.1 desde la 14.1R5 y anteriores a 14.1R8-S4, 14.1R9; 14.1X53 anteriores a 14.1X53-D50 en series EX y QFX; 14.2 desde la 14.2R3 y anteriores a la14.2R7-S8, 14.2R8. No existen otras distribuciones de Junos OS que est\u00e9n afectadas por este problema. No hay ning\u00fan otro producto de Juniper Networks que se vea afectado por este problema."}], "id": "CVE-2017-10615", "lastModified": "2018-01-05T02:31:28.230", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2017-10-13T17:29:00.753", "references": [{"source": "sirt@juniper.net", "url": "http://www.securitytracker.com/id/1040039"}, {"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10818"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}