Search...

Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787)

2017-08-23T00:00:00

ID JUNIPER_JSA10787.NASL
Type nessus
Reporter Tenable
Modified 2017-08-23T00:00:00

Description

According to its self-reported version number and configuration, the remote Juniper Junos device is affected by a privilege escalation vulnerability when running in a virtualized environment due to improper handling of authentication. An attacker on the Junos guest can exploit this to escalate privileges and gain access to the host operating system.

                                        
                                            #TRUSTED 5480e3565f98fde0c0afd895a568294844045b331342d31232aaab688bda8aa44fe8dadb3b79d861492fbd428c4b3a3f2461971672519ccf9665d29535f5fcbdcf6c3c8d6ccfc8ce1e73c5b5e5a5084aac6d9ccbca40fc4f6802a5fcc9ddff9b810e11fd07755105df1cc4c123cff236744493feeb34687fde9a1d27652e75c5f5d9fb79f6680efd21c84a52f95146bd838cb6a690013d12a30c6c2cd1f115126b76e79615d54c4183309a0f839e5caa62d3a6db0bf741f92f26706c0350a27413e897a0068bcca6ef3a54b9b99dc98d9cba52754107faef9ecc24fb2ad12a4b337660b0a794556676826fb03e1006ebb974d8452ca472c1765882e6fe59c1fe8ce3057213dd79020eb18b0e9e2a808f660edff30a4e61d8a00e3441c8f133ba79fe6bb17fb314f32fa889cc131c63706a586ef50cb89acdc69d67b435fc37dbfbfc1a685a7ebe3f29ca2f3b87d0c7dc3f9695c0828b4a1df299a1de4efd28a97b58931b86473ff1846044c7966b25f0aac8223be485463403123d4e426a65b236569210f450f4338625dd1bcc118d3526acf70ca47388e68784101859e84cd8de4ecc1255858d8d8a2cdeb3d9e30b3ad15fcc0b4655cd976a8bb74064202154b12934584c749d708fbc429401a89613cd84d377b8f8e748232897944855efc1bb64858493cecffbc161b82c718d67e4afe04e246107b5f7a19ca556246fda25
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(102701);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2017/08/23");

  script_cve_id("CVE-2017-2341");
  script_osvdb_id(160899);
  script_xref(name:"JSA", value:"JSA10787");

  script_name(english:"Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787)");
  script_summary(english:"Checks the Junos version, model, and configuration.");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number and configuration, the
remote Juniper Junos device is affected by a privilege escalation
vulnerability when running in a virtualized environment due to
improper handling of authentication. An attacker on the Junos guest
can exploit this to escalate privileges and gain access to the host
operating system.");
  script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10787");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant Junos software release referenced in Juniper
security advisory JSA10787. Alternatively, as a workaround, enable
FIPS mode.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/07/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/23");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:junos");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Junos Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017 Tenable Network Security, Inc.");

  script_dependencies("junos_version.nasl");
  script_require_keys("Host/Juniper/JUNOS/Version", "Host/Juniper/model");

  exit(0);
}

include("audit.inc");
include("junos_kb_cmd_func.inc");
include("misc_func.inc");

ver   = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');
model = get_kb_item_or_exit('Host/Juniper/model');

if (model !~ "^QFX(5110|5200|10002|10008|10016)" &&
    model !~ "^EX4600[1-4]" &&
    model !~ "^NFX250" &&
    model !~ "^SRX(1500|4100|4200)" &&
    model !~ "^ACX5\d\d\d" &&
    model !~ "^vSRX"
  )
  audit(AUDIT_HOST_NOT, 'an affected model.');

fixes = make_array();

fixes['14.1X53'] = '14.1X53-D40';
fixes['15.1X49'] = '15.1X49-D70';
fixes['15.1'] = '15.1R5';
fixes['16.1'] = '16.1R2';

fix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);

# If FIPS is enabled it isn't vulnerable.
override = TRUE;
buf = junos_command_kb_item(cmd:"show configuration | display set");
if (buf)
{
  override = FALSE;
  pattern = "^set system fips level [1-4]";
  if (junos_check_config(buf:buf, pattern:pattern))
    audit(AUDIT_HOST_NOT, 'vulnerable because it has FIPS mode enabled.');
}

junos_report(ver:ver, fix:fix, model:model, override:override, severity:SECURITY_HOLE);

JSON Vulners Source

Initial Source

{"cpe": ["cpe:/o:juniper:junos"], "bulletinFamily": "scanner", "viewCount": 0, "naslFamily": "Junos Local Security Checks", "reporter": "Tenable", "references": ["https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10787"], "description": "According to its self-reported version number and configuration, the remote Juniper Junos device is affected by a privilege escalation vulnerability when running in a virtualized environment due to improper handling of authentication. An attacker on the Junos guest can exploit this to escalate privileges and gain access to the host operating system.", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "a9dcf995223f353eda7bf326345d8e06"}, {"key": "cvelist", "hash": "4ae8a0d4cd6fac4462d94463afb9e337"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "description", "hash": "b22558fffa85d983964f1262cdc6a29d"}, {"key": "href", "hash": "e76a7cbc8797aaa379022b5c26037760"}, {"key": "modified", "hash": "8047ad65270b92ffe0f31d853958f881"}, {"key": "naslFamily", "hash": "f44fb98241ad612bdd34e6e796e60393"}, {"key": "pluginID", "hash": "5bfb2c2c283abcb93ff4c572e9ed4c62"}, {"key": "published", "hash": "8047ad65270b92ffe0f31d853958f881"}, {"key": "references", "hash": "e21d3980ce5420836cf11cdcdfe7a2f4"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "6925b2be96b7f78f1cb974c16ab54972"}, {"key": "title", "hash": "b1cc9bfad433f7ef8d5b7d0662efd8a4"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "href": "https://www.tenable.com/plugins/index.php?view=single&id=102701", "modified": "2017-08-23T00:00:00", "objectVersion": "1.3", "enchantments": {"vulnersScore": 7.2}, "id": "JUNIPER_JSA10787.NASL", "title": "Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787)", "hash": "5a44d57bb322db8941cf044b2eb1353b5a015df03f4c81dd996a7c85a6bfaca0", "edition": 2, "published": "2017-08-23T00:00:00", "type": "nessus", "history": [{"lastseen": "2017-08-24T05:16:56", "bulletin": {"cpe": [], "hash": "0d977080517604244adef40a8b4a4fa7394d0508e4ea9d73bb915f64e140c50c", "viewCount": 0, "reporter": "Tenable", "references": ["https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10787"], "description": "According to its self-reported version number and configuration, the remote Juniper Junos device is affected by a privilege escalation vulnerability when running in a virtualized environment due to improper handling of authentication. An attacker on the Junos guest can exploit this to escalate privileges and gain access to the host operating system.", "hashmap": [{"key": "naslFamily", "hash": "f44fb98241ad612bdd34e6e796e60393"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "6925b2be96b7f78f1cb974c16ab54972"}, {"key": "title", "hash": "b1cc9bfad433f7ef8d5b7d0662efd8a4"}, {"key": "references", "hash": "e21d3980ce5420836cf11cdcdfe7a2f4"}, {"key": "modified", "hash": "8047ad65270b92ffe0f31d853958f881"}, {"key": "description", "hash": "b22558fffa85d983964f1262cdc6a29d"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "pluginID", "hash": "5bfb2c2c283abcb93ff4c572e9ed4c62"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}, {"key": "published", "hash": "8047ad65270b92ffe0f31d853958f881"}, {"key": "href", "hash": "e76a7cbc8797aaa379022b5c26037760"}, {"key": "cvelist", "hash": "4ae8a0d4cd6fac4462d94463afb9e337"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}], "naslFamily": "Junos Local Security Checks", "modified": "2017-08-23T00:00:00", "objectVersion": "1.3", "href": "https://www.tenable.com/plugins/index.php?view=single&id=102701", "published": "2017-08-23T00:00:00", "enchantments": {}, "id": "JUNIPER_JSA10787.NASL", "title": "Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787)", "bulletinFamily": "scanner", "edition": 1, "sourceData": "#TRUSTED 5480e3565f98fde0c0afd895a568294844045b331342d31232aaab688bda8aa44fe8dadb3b79d861492fbd428c4b3a3f2461971672519ccf9665d29535f5fcbdcf6c3c8d6ccfc8ce1e73c5b5e5a5084aac6d9ccbca40fc4f6802a5fcc9ddff9b810e11fd07755105df1cc4c123cff236744493feeb34687fde9a1d27652e75c5f5d9fb79f6680efd21c84a52f95146bd838cb6a690013d12a30c6c2cd1f115126b76e79615d54c4183309a0f839e5caa62d3a6db0bf741f92f26706c0350a27413e897a0068bcca6ef3a54b9b99dc98d9cba52754107faef9ecc24fb2ad12a4b337660b0a794556676826fb03e1006ebb974d8452ca472c1765882e6fe59c1fe8ce3057213dd79020eb18b0e9e2a808f660edff30a4e61d8a00e3441c8f133ba79fe6bb17fb314f32fa889cc131c63706a586ef50cb89acdc69d67b435fc37dbfbfc1a685a7ebe3f29ca2f3b87d0c7dc3f9695c0828b4a1df299a1de4efd28a97b58931b86473ff1846044c7966b25f0aac8223be485463403123d4e426a65b236569210f450f4338625dd1bcc118d3526acf70ca47388e68784101859e84cd8de4ecc1255858d8d8a2cdeb3d9e30b3ad15fcc0b4655cd976a8bb74064202154b12934584c749d708fbc429401a89613cd84d377b8f8e748232897944855efc1bb64858493cecffbc161b82c718d67e4afe04e246107b5f7a19ca556246fda25\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102701);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2017/08/23\");\n\n script_cve_id(\"CVE-2017-2341\");\n script_osvdb_id(160899);\n script_xref(name:\"JSA\", value:\"JSA10787\");\n\n script_name(english:\"Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787)\");\n script_summary(english:\"Checks the Junos version, model, and configuration.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number and configuration, the\nremote Juniper Junos device is affected by a privilege escalation\nvulnerability when running in a virtualized environment due to\nimproper handling of authentication. An attacker on the Junos guest\ncan exploit this to escalate privileges and gain access to the host\noperating system.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10787\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant Junos software release referenced in Juniper\nsecurity advisory JSA10787. Alternatively, as a workaround, enable\nFIPS mode.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:juniper:junos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n\n script_dependencies(\"junos_version.nasl\");\n script_require_keys(\"Host/Juniper/JUNOS/Version\", \"Host/Juniper/model\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"junos_kb_cmd_func.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');\nmodel = get_kb_item_or_exit('Host/Juniper/model');\n\nif (model !~ \"^QFX(5110|5200|10002|10008|10016)\" &&\n model !~ \"^EX4600[1-4]\" &&\n model !~ \"^NFX250\" &&\n model !~ \"^SRX(1500|4100|4200)\" &&\n model !~ \"^ACX5\\d\\d\\d\" &&\n model !~ \"^vSRX\"\n )\n audit(AUDIT_HOST_NOT, 'an affected model.');\n\nfixes = make_array();\n\nfixes['14.1X53'] = '14.1X53-D40';\nfixes['15.1X49'] = '15.1X49-D70';\nfixes['15.1'] = '15.1R5';\nfixes['16.1'] = '16.1R2';\n\nfix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);\n\n# If FIPS is enabled it isn't vulnerable.\noverride = TRUE;\nbuf = junos_command_kb_item(cmd:\"show configuration | display set\");\nif (buf)\n{\n override = FALSE;\n pattern = \"^set system fips level [1-4]\";\n if (junos_check_config(buf:buf, pattern:pattern))\n audit(AUDIT_HOST_NOT, 'vulnerable because it has FIPS mode enabled.');\n}\n\njunos_report(ver:ver, fix:fix, model:model, override:override, severity:SECURITY_HOLE);\n", "type": "nessus", "history": [], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2017-2341"], "lastseen": "2017-08-24T05:16:56", "pluginID": "102701"}, "differentElements": ["cpe"], "edition": 1}], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2017-2341"], "lastseen": "2017-10-29T13:44:11", "sourceData": "#TRUSTED 5480e3565f98fde0c0afd895a568294844045b331342d31232aaab688bda8aa44fe8dadb3b79d861492fbd428c4b3a3f2461971672519ccf9665d29535f5fcbdcf6c3c8d6ccfc8ce1e73c5b5e5a5084aac6d9ccbca40fc4f6802a5fcc9ddff9b810e11fd07755105df1cc4c123cff236744493feeb34687fde9a1d27652e75c5f5d9fb79f6680efd21c84a52f95146bd838cb6a690013d12a30c6c2cd1f115126b76e79615d54c4183309a0f839e5caa62d3a6db0bf741f92f26706c0350a27413e897a0068bcca6ef3a54b9b99dc98d9cba52754107faef9ecc24fb2ad12a4b337660b0a794556676826fb03e1006ebb974d8452ca472c1765882e6fe59c1fe8ce3057213dd79020eb18b0e9e2a808f660edff30a4e61d8a00e3441c8f133ba79fe6bb17fb314f32fa889cc131c63706a586ef50cb89acdc69d67b435fc37dbfbfc1a685a7ebe3f29ca2f3b87d0c7dc3f9695c0828b4a1df299a1de4efd28a97b58931b86473ff1846044c7966b25f0aac8223be485463403123d4e426a65b236569210f450f4338625dd1bcc118d3526acf70ca47388e68784101859e84cd8de4ecc1255858d8d8a2cdeb3d9e30b3ad15fcc0b4655cd976a8bb74064202154b12934584c749d708fbc429401a89613cd84d377b8f8e748232897944855efc1bb64858493cecffbc161b82c718d67e4afe04e246107b5f7a19ca556246fda25\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102701);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2017/08/23\");\n\n script_cve_id(\"CVE-2017-2341\");\n script_osvdb_id(160899);\n script_xref(name:\"JSA\", value:\"JSA10787\");\n\n script_name(english:\"Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787)\");\n script_summary(english:\"Checks the Junos version, model, and configuration.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number and configuration, the\nremote Juniper Junos device is affected by a privilege escalation\nvulnerability when running in a virtualized environment due to\nimproper handling of authentication. An attacker on the Junos guest\ncan exploit this to escalate privileges and gain access to the host\noperating system.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10787\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant Junos software release referenced in Juniper\nsecurity advisory JSA10787. Alternatively, as a workaround, enable\nFIPS mode.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:juniper:junos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n\n script_dependencies(\"junos_version.nasl\");\n script_require_keys(\"Host/Juniper/JUNOS/Version\", \"Host/Juniper/model\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"junos_kb_cmd_func.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');\nmodel = get_kb_item_or_exit('Host/Juniper/model');\n\nif (model !~ \"^QFX(5110|5200|10002|10008|10016)\" &&\n model !~ \"^EX4600[1-4]\" &&\n model !~ \"^NFX250\" &&\n model !~ \"^SRX(1500|4100|4200)\" &&\n model !~ \"^ACX5\\d\\d\\d\" &&\n model !~ \"^vSRX\"\n )\n audit(AUDIT_HOST_NOT, 'an affected model.');\n\nfixes = make_array();\n\nfixes['14.1X53'] = '14.1X53-D40';\nfixes['15.1X49'] = '15.1X49-D70';\nfixes['15.1'] = '15.1R5';\nfixes['16.1'] = '16.1R2';\n\nfix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);\n\n# If FIPS is enabled it isn't vulnerable.\noverride = TRUE;\nbuf = junos_command_kb_item(cmd:\"show configuration | display set\");\nif (buf)\n{\n override = FALSE;\n pattern = \"^set system fips level [1-4]\";\n if (junos_check_config(buf:buf, pattern:pattern))\n audit(AUDIT_HOST_NOT, 'vulnerable because it has FIPS mode enabled.');\n}\n\njunos_report(ver:ver, fix:fix, model:model, override:override, severity:SECURITY_HOLE);\n", "pluginID": "102701"}

{"result": {"cve": [{"id": "CVE-2017-2341", "type": "cve", "title": "CVE-2017-2341", "description": "An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D40 on QFX5110, QFX5200, QFX10002, QFX10008, QFX10016, EX4600 and NFX250; 15.1 prior to 15.1R5 on EX4600; 15.1X49 prior to 15.1X49-D70 on vSRX, SRX1500, SRX4100, SRX4200; 16.1 prior to 16.1R2 on EX4600, ACX5000 series. This issue does not affect vMX. No other Juniper Networks products or platforms are affected by this issue.", "published": "2017-07-17T09:18:24", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2341", "cvelist": ["CVE-2017-2341"], "lastseen": "2017-07-27T10:54:28"}], "openvas": [{"id": "OPENVAS:1361412562310106946", "type": "openvas", "title": "Junos Privilege Escalation Vulnerability", "description": "Junos OS is prone to a privilege escalation vulnerability.", "published": "2017-07-13T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106946", "cvelist": ["CVE-2017-2341"], "lastseen": "2017-08-15T11:27:28"}]}}