CVE-2017-2335 : What You Need to Know
Learn about CVE-2017-2335, a high-severity XSS vulnerability in Juniper Networks ScreenOS Firewall affecting versions prior to 6.3.0r24 on SSG Series. Find mitigation steps and updates.
ScreenOS: XSS vulnerability in ScreenOS Firewall
Understanding CVE-2017-2335
NetScreen WebUI, a component of Juniper Networks Juniper NetScreen Firewall+VPN, has a persistent cross-site scripting vulnerability affecting ScreenOS 6.3.0 versions prior to 6.3.0r24 on SSG Series.
What is CVE-2017-2335?
This vulnerability allows users with the 'security' role to inject HTML/JavaScript content into the management session of other users, including the administrator. This enables lower-privileged users to execute commands with administrator permissions.
The Impact of CVE-2017-2335
- CVSS Base Score: 8.4 (High)
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: Required
- Confidentiality, Integrity, and Availability Impact: High
- Scope: Changed
Technical Details of CVE-2017-2335
A detailed look at the vulnerability
Vulnerability Description
- Persistent cross-site scripting vulnerability in NetScreen WebUI
Affected Systems and Versions
- Affected Platforms: SSG Series
- Affected Product: ScreenOS
- Affected Versions: 6.3.0 prior to 6.3.0r24
Exploitation Mechanism
- Users with the 'security' role can insert malicious content into the WebUI, compromising the system's security.
Mitigation and Prevention
Protecting against CVE-2017-2335
Immediate Steps to Take
- Use access lists or firewall filters to restrict WebUI access to trusted hosts.
Long-Term Security Practices
- Regularly update ScreenOS to the latest version.
- Implement security best practices to prevent cross-site scripting attacks.
Patching and Updates
- ScreenOS has been updated to prevent script injections in WebUI strings.
- Update to ScreenOS 6.3.0r24 or later to mitigate this vulnerability.
- Refer to KB16765 for information on fixed vulnerabilities in different releases.