Junos OS におけるセキュリティ機能に関する脆弱性
| Title |
Junos OS におけるセキュリティ機能に関する脆弱性
|
| Summary |
Junos OS には、セキュリティ機能に関する脆弱性が存在します。
|
| Possible impacts |
サービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution |
ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date |
July 12, 2017, midnight |
| Registration Date |
Sept. 7, 2017, 1:45 p.m. |
| Last Update |
Sept. 7, 2017, 1:45 p.m. |
|
CVSS3.0 : 警告
|
| Score |
5.3
|
| Vector |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
|
CVSS2.0 : 警告
|
| Score |
5
|
| Vector |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
Affected System
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
Change Log
| No |
Changed Details |
Date of change |
| 0 |
[2017年09月07日]
掲載 |
Feb. 17, 2018, 10:37 a.m. |
NVD Vulnerability Information
CVE-2017-10604
| Summary |
When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account. When an SRX Series device is in cluster mode, and a cluster sync or failover operation occurs, then there will be errors associated with synch or failover while the root account is locked out. Administrators can confirm if the root account is locked out via the following command root@device> show system login lockout user root User Lockout start Lockout end root 1995-01-01 01:00:01 PDT 1995-11-01 01:31:01 PDT Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D65 on SRX series; 12.3X48 prior to 12.3X48-D45 on SRX series; 15.1X49 prior to 15.1X49-D75 on SRX series.
|
| Publication Date |
July 17, 2017, 10:18 p.m. |
| Registration Date |
Jan. 26, 2021, 1:12 p.m. |
| Last Update |
Nov. 21, 2024, 12:06 p.m. |
Affected software configurations
| Configuration1 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:juniper:srx:-:*:*:*:*:*:*:* |
| Configuration2 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:juniper:srx:-:*:*:*:*:*:*:* |
| Configuration3 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:juniper:srx:-:*:*:*:*:*:*:* |
Related information, measures and tools
Common Vulnerabilities List