Juniper NorthStar Controller Application CVE-2017-2326 Local Security Bypass Vulnerability

Juniper NorthStar Controller Application is prone to a local local security-bypass vulnerability.

An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions.

Juniper NorthStar Controller Application before version 2.1.0 Service Pack 1 are vulnerable.

Information

Bugtraq ID: 97691
Class: Design Error
CVE: CVE-2017-2326

Remote: No
Local: Yes
Published: Apr 12 2017 12:00AM
Updated: Apr 17 2017 04:07PM
Credit: The vendor reported this issue.
Vulnerable: Juniper NorthStar Controller Application 2.1.0

Not Vulnerable: Juniper NorthStar Controller Application 2.1.0 Service Pack 1

References:

• Juniper Networks Homepage (Juniper Networks)
  
• 2107-04 Security Bulletin: Multiple Vulnerabilities in NorthStar Controller Appl (juniper)
  

Source: www.securityfocus.com