CVE-2017-10602
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
17/07/2017
Last modified:
20/04/2025
Description
A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9, 14.2R6; 15.1 versions prior to 15.1F5, 15.1R3; 15.1X49 versions prior to 15.1X49-D40 on SRX Series; 15.1X53 versions prior to 15.1X53-D47 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D65 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200.
Impact
Base Score 3.x
7.00
Severity 3.x
HIGH
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:r4:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:r5:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page