Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

CVE-2017-2343 : Security Advisory and Response

Discover the impact of CVE-2017-2343 involving hardcoded credentials in Juniper SRX Series UserFW feature. Learn about affected systems, versions, exploitation risks, and mitigation steps.

The Juniper SRX Series devices introduced a feature called the Integrated User Firewall (UserFW) in Junos OS version 12.1X47-D10. This feature allows for the seamless integration of user profiles with existing firewall policies. A vulnerability was discovered in the UserFW services authentication API, involving hardcoded credentials that could potentially lead to a complete compromise of SRX Series devices and Active Directory servers.

Understanding CVE-2017-2343

This CVE involves hardcoded credentials in the Integrated UserFW feature of Juniper SRX Series devices.

What is CVE-2017-2343?

The vulnerability in the UserFW services authentication API of Juniper SRX Series devices could allow attackers to gain full control over the devices and associated Active Directory servers.

The Impact of CVE-2017-2343

        Attack Complexity: Low
        Attack Vector: Network
        Base Score: 10 (Critical)
        Confidentiality Impact: High
        Integrity Impact: High
        Availability Impact: High
        Privileges Required: None
        Scope: Changed
        User Interaction: None

Technical Details of CVE-2017-2343

The following details provide a deeper insight into the vulnerability.

Vulnerability Description

        Hardcoded credentials were present in the UserFW services authentication API, posing a significant security risk.

Affected Systems and Versions

        Platforms: SRX series
        Affected Product: Junos OS
        Vulnerable Versions: 12.3X48 from 12.3X48-D30 to 12.3X48-D35, 15.1X49 from 15.1X49-D40 to 15.1X49-D50

Exploitation Mechanism

        Attackers could exploit the hardcoded credentials to gain complete control over SRX Series devices and Active Directory servers.

Mitigation and Prevention

Taking immediate steps and implementing long-term security practices are crucial to mitigate the risks associated with CVE-2017-2343.

Immediate Steps to Take

        Check if the UserFW service is active on devices by reviewing specific CLI commands.
        Consider disabling the UserFW service until a fix is available.

Long-Term Security Practices

        Regularly monitor and update security configurations.
        Conduct security audits to identify vulnerabilities.

Patching and Updates

        Update to the fixed software releases: 12.3X48-D35, 15.1X49-D50, and subsequent versions.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now