CVE-2017-10603

Summary

An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15.1 prior to 15.1R3. Junos versions prior to 15.1 are not affected. No other Juniper Networks products or platforms are affected by this issue.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS15.1X53 prior to 15.1X53-D47affected
Juniper NetworksJunos OS15.1 prior to 15.1R3affected

Weaknesses

  • XML injection

Workarounds

There is no direct workaround to completely eliminate the risk of this vulnerability.

Use access lists or firewall filters to limit access to the router's CLI only from trusted hosts. Restrict access to the CLI to only highly trusted administrators.

ADP Enrichment

CVE Program Container

Additional References

References