CVE-2017-2308 — Vulnetix

Try Vulnetix Request Demo

CVE-2017-2308 PUBLISHED CVSS 5 MEDIUM

An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to 16.1R1 may allow an authenticated user to read arbitrary files on the device.

EPSS 0.28% · 50.9th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

0.28%

50.9th percentile

Affected Products

Vendor	Product	Versions
juniper	junos_space	0
Juniper Networks	Junos Space	versions prior to 16.1R1

Timeline

Jan 12, 2017 CVE Published
Jan 16, 2018 PoC Published
Apr 14, 2021 EPSS Score
May 28, 2021 PoC Published
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 25, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Jul 29, 2022 PoC Published

References

https://kb.juniper.net/JSA10770 url
98755 vdb
https://nvd.nist.gov/vuln/detail/CVE-2017-2308 advisory

Open in Interactive Console →