CVE-2017-2305

Description

On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can create privileged users, allowing privilege escalation.

Affected products

Juniper Networks / Junos Spaceversions prior to 16.1R1 – versions prior to 16.1R1

References

MISChttp://www.securityfocus.com/bid/98759
MISChttps://kb.juniper.net/JSA10770