CVE-2017-10603

Junos OS: Local XML Injection through CLI command can lead to privilege escalation

Description

An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15.1 prior to 15.1R3. Junos versions prior to 15.1 are not affected. No other Juniper Networks products or platforms are affected by this issue.

Remediation

Workaround:

There is no direct workaround to completely eliminate the risk of this vulnerability. Use access lists or firewall filters to limit access to the router's CLI only from trusted hosts. Restrict access to the CLI to only highly trusted administrators.

References

Link	Tags
http://www.securitytracker.com/id/1038901	vdb entry third party advisory
https://kb.juniper.net/JSA10805	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2017-10603?: CVE-2017-10603 has been scored as a high severity vulnerability.
How to fix CVE-2017-10603?: As a workaround for remediating CVE-2017-10603: There is no direct workaround to completely eliminate the risk of this vulnerability. Use access lists or firewall filters to limit access to the router's CLI only from trusted hosts. Restrict access to the CLI to only highly trusted administrators.
Is CVE-2017-10603 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2017-10603 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2017-10603?: CVE-2017-10603 affects Juniper Networks Junos OS.

Description

Remediation

Category

CWE-91 – XML Injection (aka Blind XPath Injection)

References

Frequently Asked Questions