PT-2017-3104 · Juniper Networks · Junos

Published: 2017-10-11 · Updated: 2018-01-05 · CVE-2017-10615

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Junos OS versions 14.1R5 through 14.1R8-S4, 14.1R9
Junos OS versions 14.1X53 through 14.1X53-D50 on EX and QFX series
Junos OS versions 14.2R3 through 14.2R7-S8, 14.2R8

Description

A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network-based attacker to potentially execute arbitrary code or crash daemons such as telnetd or sshd that make use of PAM. The issue exists due to insufficient input validation in the PAM module.

Recommendations

For versions 14.1R5 through 14.1R8-S4, 14.1R9, consider updating to a fixed version to resolve the issue.
For versions 14.1X53 through 14.1X53-D50 on EX and QFX series, consider updating to a fixed version to resolve the issue.
For versions 14.2R3 through 14.2R7-S8, 14.2R8, consider updating to a fixed version to resolve the issue.
As a temporary workaround, consider restricting access to daemons that use PAM, such as telnetd or sshd, until a patch is available.

Fix

RCE


Weakness Enumeration

Related Identifiers

BDU:2017-02487
CVE-2017-10615

Affected Products

Junos