{"containers": {"cna": {"affected": [{"platforms": ["QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "14.1X53 prior to 14.1X53-D40"}]}, {"platforms": ["EX4600"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "15.1 prior to 15.1R5"}]}, {"platforms": ["vSRX, SRX1500, SRX4100, SRX4200"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "15.1X49 prior to 15.1X49-D70"}]}, {"platforms": ["EX4600, ACX5000 series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "16.1 prior to 16.1R2"}]}], "configurations": [{"lang": "en", "value": "This issue does not affect Junos OS where FIPS mode is enabled."}], "datePublic": "2017-07-12T00:00:00", "descriptions": [{"lang": "en", "value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "insufficient authentication vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-15T09:57:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"name": "1038893", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1038893"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10787"}], "title": "Junos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment.", "workarounds": [{"lang": "en", "value": "Running Junos OS in FIPS mode eliminates this vulnerability.\n"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2017-07-12T09:00", "ID": "CVE-2017-2341", "STATE": "PUBLIC", "TITLE": "Junos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250", "version_value": "14.1X53 prior to 14.1X53-D40"}, {"platform": "EX4600", "version_value": "15.1 prior to 15.1R5"}, {"platform": "vSRX, SRX1500, SRX4100, SRX4200", "version_value": "15.1X49 prior to 15.1X49-D70"}, {"platform": "EX4600, ACX5000 series", "version_value": "16.1 prior to 16.1R2"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "This issue does not affect Junos OS where FIPS mode is enabled."}], "credit": [], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."}]}, "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "insufficient authentication vulnerability"}]}]}, "references": {"reference_data": [{"name": "1038893", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038893"}, {"name": "https://kb.juniper.net/JSA10787", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10787"}]}, "solution": "The following software releases have been updated to resolve this specific issue: Junos OS 14.1X53-D40, 15.1R5, 15.1X49-D70, 16.1R2 and all subsequent releases.\n\nThis issue is being tracked as PR 1161762 and is visible on the Customer Support website.", "work_around": [{"lang": "en", "value": "Running Junos OS in FIPS mode eliminates this vulnerability.\n"}]}}}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2017-2341", "datePublished": "2017-07-12T00:00:00", "dateReserved": "2016-12-01T00:00:00", "dateUpdated": "2017-07-15T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*", "matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*", "matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*", "matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*", "matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*", "matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*", "matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*", "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*", "matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*", "matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*", "matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*", "matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*", "matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*", "matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*", "matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*", "matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*", "matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*", "matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*", "matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*", "matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*", "matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*", "matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*", "matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*", "matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*", "matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*", "matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*", "matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*", "matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*", "matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*", "matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*", "matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*", "matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*", "matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*", "matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*", "matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*", "matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*", "matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*", "matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*", "matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*", "matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d10:*:*:*:*:*:*:*", "matchCriteriaId": "ED7DBA7C-962E-40AD-84E7-7E80338193BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d15:*:*:*:*:*:*:*", "matchCriteriaId": "63814912-13EF-4009-B329-A87372E29430", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d25:*:*:*:*:*:*:*", "matchCriteriaId": "9BFC7A52-9982-4CAF-9FD8-6629DD3D9930", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d26:*:*:*:*:*:*:*", "matchCriteriaId": "D2534954-04C0-45E0-8889-1184D82CCD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d27:*:*:*:*:*:*:*", "matchCriteriaId": "0CF9D78C-775A-4F29-A1CB-7FDF82BA6E12", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d30:*:*:*:*:*:*:*", "matchCriteriaId": "25C40BB8-052B-4D47-8ED3-93C4C2988BD2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53-d35:*:*:*:*:*:*:*", "matchCriteriaId": "6654B5FD-8F94-4564-AFAB-D97760218ED1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:nfx250:-:*:*:*:*:*:*:*", "matchCriteriaId": "7EB08A27-7777-4538-ADC4-9D2F89963C13", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*", "matchCriteriaId": "83AB8877-3DC0-4B8C-B864-1BF18C368337", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*", "matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*", "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*", "matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*", "matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*", "matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*", "matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*", "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*", "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*", "matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*", "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*", "matchCriteriaId": "BD332D86-5DA7-49A4-98C3-E4D946832DC1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*", "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*", "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*", "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AC40ABB-E364-46C9-A904-C0ED02806250", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*", "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AC40ABB-E364-46C9-A904-C0ED02806250", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*", "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:acx5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C398D8D-AD15-422C-90DE-2EAD9B9A7DF4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue."}, {"lang": "es", "value": "Una vulnerabilidad de autenticaci\u00f3n insuficiente en plataformas donde las instancias de Junos OS se ejecutan en un entorno virtualizado, puede permitir que los usuarios sin privilegios de la instancia de Junos OS alcanzar acceso al entorno operativo del host y, por lo tanto, escalar los privilegios. Las versiones afectadas son Juniper Networks Junos OS versi\u00f3n 14.1X53 anterior a 14.1X53-D40 en QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 y NFX250; versi\u00f3n 15.1 anterior a 15.1R5 en EX4600; versi\u00f3n 15.1X49 anterior a 15.1X49-D70 en vSRX, SRX1500, SRX4100, SRX4200; versi\u00f3n 16.1 anterior a 16.1R2 en la serie EX4600, ACX5000. Este problema no afecta a vMX. Ning\u00fan otro producto o plataforma de Juniper Networks est\u00e1 afectada por este problema."}], "id": "CVE-2017-2341", "lastModified": "2019-10-09T23:26:44.587", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2017-07-17T13:18:24.237", "references": [{"source": "sirt@juniper.net", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1038893"}, {"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10787"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}