Vulnerabilities > Juniper > Northstar Controller > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-2331 | Authentication Bypass vulnerability in Juniper NorthStar Controller Application A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and denials of service. | 7.5 |
| 2017-04-24 | CVE-2017-2321 | Remote Privilege Escalation vulnerability in Juniper NorthStar Controller Application A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and malicious execution of commands causing out of bound memory conditions leading to other attacks. | 7.5 |
| 2017-04-24 | CVE-2017-2319 | Improper Authentication vulnerability in Juniper Northstar Controller A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker to compromise the systems confidentiality or integrity without authentication, leading to managed systems being compromised or services being denied to authentic end users and systems as a result. | 7.5 |
| 2017-04-24 | CVE-2017-2317 | Information Exposure vulnerability in Juniper Northstar Controller A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause denials of services to underlying database tables leading to potential information disclosure, modification of system states, and partial to full denial of services relying upon data modified by an attacker. | 7.5 |