2018-01 Security Bulletin: CTPView: Multiple Linux kernel vulnerabilities.

  [JSA10839] Show Article Properties

Product Affected:
CTPView 7.1, 7.2, 7.3.

CTPView releases 7.1R2, 7.3R3 and 7.4R1 address multiple Linux kernel vulnerabilities in prior releases.

The resolved issues include:

CVE CVSS Summary
CVE-2017-6074 7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Linux kernel Linux kernel vulnerability that could allow local privilege escalation
CVE-2017-2634 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Linux kernel vulnerability that could allow denial of service


These issues are addressed in CTPView 7.1R2, 7.3R3 and 7.4R1 and all subsequent releases.‚Äč

These issues are being tracked as 1284155 which is visible on the Customer Support website.


Customers can contact JTAC for the instruction on how to upgrade to kernel-2.6.18-419.el5.

Software Releases, patches and updates are available at https://www.juniper.net/support/downloads/.
Modification History:
2018-01-10: Initial publication
Related Links:
CVSS Score:
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Severity Level:
Severity Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."