High severity7.5NVD Advisory· Published Apr 24, 2017· Updated May 13, 2026

CVE-2017-2334

Description

An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are easily decrypted, and subsequently gain complete control of the system.

Affected products

Juniper Networks/Northstar Controller
cpe:2.3:a:juniper:northstar_controller:*:*:*:*:*:*:*:*
Range: <=2.1.0
Juniper Networks/NorthStar Controller Applicationv5
Range: prior to version 2.1.0 Service Pack 1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/97616nvdThird Party AdvisoryVDB Entry
kb.juniper.net/JSA10783nvdMitigationVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000