CVE-2017-10601

A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, telnet or su, etc., This issue relies upon a device configuration precondition to occur. Typically, device configurations are the result of a trusted administrative change to the system's running configuration. The following error messages may be seen when this failure occurs: mgd: error: commit failed: (statements constraint check failed) Warning: Commit failed, activating partial configuration. Warning: Edit the router configuration to fix these errors. If the administrative changes are not made that result in such a failure, then this issue is not seen. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.3 prior to 12.3R10, 12.3R11; 12.3X48 prior to 12.3X48-D20; 13.2 prior to 13.2R8; 13.3 prior to 13.3R7; 14.1 prior to 14.1R4-S12, 14.1R5, 14.1R6; 14.1X53 prior to 14.1X53-D30; 14.2 prior to 14.2R4; 15.1 prior to 15.1F2, 15.1F3, 15.1R2.

Published: Jul 17, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-10601
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
juniper / junos	14.1-r1	14.1-r1.x
juniper / junos	14.1-r4	14.1-r4.x
juniper / junos	14.2-r1	14.2-r1.x
juniper / junos	13.3-r4	13.3-r4.x
juniper / junos	14.1	14.1.x
juniper / junos	14.2-r2	14.2-r2.x
juniper / junos	14.1-r3	14.1-r3.x
juniper / junos	13.3	13.3.x
juniper / junos	13.3-r5	13.3-r5.x
juniper / junos	12.3-r11	12.3-r11.x
juniper / junos	12.3-r2	12.3-r2.x
juniper / junos	15.1-f1	15.1-f1.x
juniper / junos	12.3-r9	12.3-r9.x
juniper / junos	14.1x53-d15	14.1x53-d15.x
juniper / junos	12.3x48-d10	12.3x48-d10.x
juniper / junos	13.2-r7-s1	13.2-r7-s1.x
juniper / junos	14.1x53-d10	14.1x53-d10.x
juniper / junos	14.2-r3	14.2-r3.x
juniper / junos	12.3x48-d15	12.3x48-d15.x
juniper / junos	12.3-r4	12.3-r4.x
juniper / junos	12.3-r1	12.3-r1.x
juniper / junos	12.3-r7	12.3-r7.x
juniper / junos	12.3-r6	12.3-r6.x
juniper / junos	14.1x53-d25	14.1x53-d25.x
juniper / junos	13.2-r4	13.2-r4.x
juniper / junos	13.2-r7-s2	13.2-r7-s2.x
juniper / junos	13.2	13.2.x
juniper / junos	15.1-f2	15.1-f2.x
juniper / junos	14.1x53-d27	14.1x53-d27.x
juniper / junos	14.2	14.2.x
juniper / junos	13.2-r7	13.2-r7.x
juniper / junos	13.2-r3	13.2-r3.x
juniper / junos	15.1-f3	15.1-f3.x
juniper / junos	15.1-r2	15.1-r2.x
juniper / junos	14.1x53-d16	14.1x53-d16.x
juniper / junos	14.1-r6	14.1-r6.x
juniper / junos	13.2-r6	13.2-r6.x
juniper / junos	13.2-r5	13.2-r5.x
juniper / junos	14.2-r4	14.2-r4.x
juniper / junos	14.1x53	14.1x53.x
juniper / junos	13.2-r2	13.2-r2.x
juniper / junos	13.3-r6	13.3-r6.x
juniper / junos	12.3-r5	12.3-r5.x
juniper / junos	12.3-r3	12.3-r3.x
juniper / junos	12.3	12.3.x
juniper / junos	13.3-r2	13.3-r2.x
juniper / junos	14.1-r2	14.1-r2.x
juniper / junos	14.1x53-d26	14.1x53-d26.x
juniper / junos	13.3-r3	13.3-r3.x
juniper / junos	14.1-r5	14.1-r5.x
juniper / junos	12.3-r8	12.3-r8.x
juniper / junos	13.2-r1	13.2-r1.x
juniper / junos	15.1	15.1.x

Vulnerability Database

290,278

CVE-2017-10601