Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to Juniper Networks - Junos OS running on QFX3500, QFX3600, QFX5100, QFX5200, EX4300, EX4600 devices

cve-2017-2304

Vulnerability from cvelistv5

Published

2017-05-30 14:00

Modified

2024-08-05 13:48

Severity ?

Summary

Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak'

References

▼	URL	Tags
	http://www.securitytracker.com/id/1037593	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/95403	vdb-entry, x_refsource_BID
	https://kb.juniper.net/JSA10773	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Juniper Networks

Junos OS running on QFX3500, QFX3600, QFX5100, QFX5200, EX4300, EX4600 devices

Version: 14.1X53 prior to 14.1X53-D40
Version: 15.1X53 prior to 15.1X53-D40
Version: 15.1 prior to 15.1R2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:48:05.313Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1037593",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037593"
          },
          {
            "name": "95403",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95403"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10773"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS running on QFX3500, QFX3600, QFX5100, QFX5200, EX4300, EX4600 devices",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "14.1X53 prior to 14.1X53-D40"
            },
            {
              "status": "affected",
              "version": "15.1X53 prior to 15.1X53-D40"
            },
            {
              "status": "affected",
              "version": "15.1 prior to 15.1R2"
            }
          ]
        }
      ],
      "datePublic": "2017-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as \u0027Etherleak\u0027"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information leak",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-26T09:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "name": "1037593",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037593"
        },
        {
          "name": "95403",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95403"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10773"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2017-2304",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS running on QFX3500, QFX3600, QFX5100, QFX5200, EX4300, EX4600 devices",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "14.1X53 prior to 14.1X53-D40"
                          },
                          {
                            "version_value": "15.1X53 prior to 15.1X53-D40"
                          },
                          {
                            "version_value": "15.1 prior to 15.1R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as \u0027Etherleak\u0027"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information leak"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1037593",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037593"
            },
            {
              "name": "95403",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95403"
            },
            {
              "name": "https://kb.juniper.net/JSA10773",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10773"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2017-2304",
    "datePublished": "2017-05-30T14:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-08-05T13:48:05.313Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}