cvelist/2017/10xxx/CVE-2017-10615.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "sirt@juniper.net",
      "DATE_PUBLIC" : "2017-10-11T09:00",
      "ID" : "CVE-2017-10615",
      "STATE" : "PUBLIC",
      "TITLE" : "Junos: Potential remote code execution vulnerability in PAM"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Junos OS",
                        "version" : {
                           "version_data" : [
                              {
                                 "platform" : "",
                                 "version_value" : "14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9"
                              },
                              {
                                 "platform" : "",
                                 "version_value" : "14.1X53 prior to 14.1X53-D50"
                              },
                              {
                                 "platform" : "",
                                 "version_value" : "14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Juniper Networks"
            }
         ]
      }
   },
   "configuration" : [],
   "credit" : [],
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue."
         }
      ]
   },
   "exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
   "impact" : {
      "cvss" : {
         "attackComplexity" : "LOW",
         "attackVector" : "NETWORK",
         "availabilityImpact" : "HIGH",
         "baseScore" : 9.8,
         "baseSeverity" : "CRITICAL",
         "confidentialityImpact" : "HIGH",
         "integrityImpact" : "HIGH",
         "privilegesRequired" : "NONE",
         "scope" : "UNCHANGED",
         "userInteraction" : "NONE",
         "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
         "version" : "3.0"
      }
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "remote code execution vulnerability"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://kb.juniper.net/JSA10818",
            "refsource" : "CONFIRM",
            "url" : "https://kb.juniper.net/JSA10818"
         },
         {
            "name" : "1040039",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id/1040039"
         }
      ]
   },
   "solution" : "The following software releases have been updated to resolve this specific issue: 14.1R8-S4, 14.1R9, 14.1X53-D50, 14.2R7-S8, 14.2R8 and all subsequent and all subsequent releases.\n\nThis issue is being tracked as PR 1192119 and is visible on the Customer Support website.\n\nNote: Other Junos OS releases may contain a change for PR 1192119, but are not affected by this issue.",
   "work_around" : [
      {
         "lang" : "eng",
         "value" : "There are no viable workarounds for this issue."
      },
      {
         "lang" : "eng",
         "value" : "It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the router only from trusted, administrative networks or hosts.\n\nThe risk of malicious exploitation can be reduced by disabling services if they are not being used. "
      }
   ]
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "sirt@juniper.net",`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"DATE_PUBLIC" : "2017-10-11T09:00",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"ID" : "CVE-2017-10615",`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"STATE" : "PUBLIC",`
			`"TITLE" : "Junos: Potential remote code execution vulnerability in PAM"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"product_name" : "Junos OS",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"version" : {`
			`"version_data" : [`
			`{`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"platform" : "",`
			`"version_value" : "14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9"`
			`},`
			`{`
			`"platform" : "",`
			`"version_value" : "14.1X53 prior to 14.1X53-D50"`
			`},`
			`{`
			`"platform" : "",`
			`"version_value" : "14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"vendor_name" : "Juniper Networks"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`},`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"configuration" : [],`
			`"credit" : [],`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			"value" : "A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. Affected Juniper Networks Junos OS releases are: 14.1 from 14.1R5 prior to 14.1R8-S4, 14.1R9; 14.1X53 prior to 14.1X53-D50 on EX and QFX series; 14.2 from 14.2R3 prior to 14.2R7-S8, 14.2R8; No other Junos OS releases are affected by this issue. No other Juniper Networks products are affected by this issue."
			`}`
			`]`
			`},`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",`
			`"impact" : {`
			`"cvss" : {`
			`"attackComplexity" : "LOW",`
			`"attackVector" : "NETWORK",`
			`"availabilityImpact" : "HIGH",`
			`"baseScore" : 9.8,`
			`"baseSeverity" : "CRITICAL",`
			`"confidentialityImpact" : "HIGH",`
			`"integrityImpact" : "HIGH",`
			`"privilegesRequired" : "NONE",`
			`"scope" : "UNCHANGED",`
			`"userInteraction" : "NONE",`
			`"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
			`"version" : "3.0"`
			`}`
			`},`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"value" : "remote code execution vulnerability"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://kb.juniper.net/JSA10818",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://kb.juniper.net/JSA10818"`
- Synchronized data. 2018-01-04 06:04:08 -05:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "1040039",`
			`"refsource" : "SECTRACK",`
- Synchronized data. 2018-01-04 06:04:08 -05:00			`"url" : "http://www.securitytracker.com/id/1040039"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`},`
			`"solution" : "The following software releases have been updated to resolve this specific issue: 14.1R8-S4, 14.1R9, 14.1X53-D50, 14.2R7-S8, 14.2R8 and all subsequent and all subsequent releases.\n\nThis issue is being tracked as PR 1192119 and is visible on the Customer Support website.\n\nNote: Other Junos OS releases may contain a change for PR 1192119, but are not affected by this issue.",`
			`"work_around" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "There are no viable workarounds for this issue."`
			`},`
			`{`
			`"lang" : "eng",`
			`"value" : "It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the router only from trusted, administrative networks or hosts.\n\nThe risk of malicious exploitation can be reduced by disabling services if they are not being used. "`
			`}`
			`]`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`