CVE-2017-2305
First published: Tue May 30 2017(Updated: )
On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can create privileged users, allowing privilege escalation.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Networks Junos Space | <=16.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-2305?
CVE-2017-2305 is rated as a high severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2017-2305?
To fix CVE-2017-2305, upgrade to Juniper Networks Junos Space version 16.1R1 or later.
Who is affected by CVE-2017-2305?
Users of Juniper Networks Junos Space versions prior to 16.1R1 are affected by CVE-2017-2305.
What type of vulnerability is CVE-2017-2305?
CVE-2017-2305 is an authorization vulnerability that allows privilege escalation.
What can attackers do with CVE-2017-2305?
Attackers can exploit CVE-2017-2305 to create privileged users through the Junos Space administrative web interface.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/juniper networks junos space
- version/juniper networks junos space/16.1