CVE-2017-10624

Summary

Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos Spaceversions prior to 17.1R1affected

Weaknesses

  • insufficient verification

Workarounds

There are no viable workarounds for this issue. It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device from trusted, administrative networks or hosts.

ADP Enrichment

CVE Program Container

Additional References

References