Strix
26.1K

CVE-2017-2341

UnknownEPSS 0.36%

Last modified

CVE-2017-2341 is a vulnerability of currently unknown severity. An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. EPSS estimates a 0.36% chance of exploitation in the next 30 days.

Description

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.

Metrics

EPSS Probability
0.36%

27.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
JuniperJunos14.1x53
JuniperJunos14.1x53-d10
JuniperJunos14.1x53-d15
JuniperJunos14.1x53-d25
JuniperJunos14.1x53-d26
JuniperJunos14.1x53-d27
JuniperJunos14.1x53-d30
JuniperJunos14.1x53-d35
JuniperJunos15.1
JuniperJunos15.1x49
JuniperJunos16.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-2341?
An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.
How severe is CVE-2017-2341?
Severity scoring for CVE-2017-2341 is pending analysis. The EPSS model estimates a 0.36% probability of exploitation in the next 30 days.
How do I fix CVE-2017-2341?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-2341?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST