CVE-2017-2322 (GCVE-0-2017-2322)
Vulnerability from cvelistv5
Published
2017-04-24 18:00
Modified
2024-08-05 13:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | NorthStar Controller Application |
Version: prior to version 2.1.0 Service Pack 1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10783"
},
{
"name": "97613",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97613"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NorthStar Controller Application",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "prior to version 2.1.0 Service Pack 1"
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-25T09:57:01",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10783"
},
{
"name": "97613",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97613"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2017-2322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NorthStar Controller Application",
"version": {
"version_data": [
{
"version_value": "prior to version 2.1.0 Service Pack 1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10783",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10783"
},
{
"name": "97613",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97613"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2322",
"datePublished": "2017-04-24T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:05.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-2322\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2017-04-24T18:59:00.587\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de denegaci\u00f3n de servicio en Juniper Networks NorthStar Controller Application anterior a la versi\u00f3n 2.1.0 Service Pack 1, puede permitir que un usuario autenticado provoque denegaciones de servicio generalizadas a los servicios del sistema consumiendo puertos TCP y UDP que normalmente est\u00e1n reservados para otros servicios del sistema.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.1.0\",\"matchCriteriaId\":\"BBCC1859-771C-44AC-A4C1-AAA6A5E6C1BF\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/97613\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10783\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97613\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10783\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…