cvelistv5 - cve-2017-2313

CVE-2017-2313 (GCVE-0-2017-2313)

Vulnerability from cvelistv5 – Published: 2017-04-24 15:00 – Updated: 2024-08-05 13:48

Summary

Severity ?

No CVSS data available.

CWE

denial of service vulnerability

Assigner

juniper

References

URL

Tags

	https://kb.juniper.net/JSA10778	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038257	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/97606	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS with BGP enabled	Affected: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6 Affected: 15.1X49 prior to 15.1X49-D78, 15.1X49-D80 Affected: 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70 Affected: 16.1 prior to 16.1R3-S3, 16.1R4 Affected: 16.2 prior to 16.2R1-S3, 16.2R2 Affected: Releases prior to Junos OS 15.1 are unaffected by this vulnerability. Affected: 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:48:05.294Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10778"
          },
          {
            "name": "1038257",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038257"
          },
          {
            "name": "97606",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/97606"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS with BGP enabled",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6"
            },
            {
              "status": "affected",
              "version": "15.1X49 prior to 15.1X49-D78, 15.1X49-D80"
            },
            {
              "status": "affected",
              "version": "15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70"
            },
            {
              "status": "affected",
              "version": "16.1 prior to 16.1R3-S3, 16.1R4"
            },
            {
              "status": "affected",
              "version": "16.2 prior to 16.2R1-S3, 16.2R2"
            },
            {
              "status": "affected",
              "version": "Releases prior to Junos OS 15.1 are unaffected by this vulnerability."
            },
            {
              "status": "affected",
              "version": "17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability"
            }
          ]
        }
      ],
      "datePublic": "2017-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T09:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10778"
        },
        {
          "name": "1038257",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038257"
        },
        {
          "name": "97606",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/97606"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2017-2313",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS with BGP enabled",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6"
                          },
                          {
                            "version_value": "15.1X49 prior to 15.1X49-D78, 15.1X49-D80"
                          },
                          {
                            "version_value": "15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70"
                          },
                          {
                            "version_value": "16.1 prior to 16.1R3-S3, 16.1R4"
                          },
                          {
                            "version_value": "16.2 prior to 16.2R1-S3, 16.2R2"
                          },
                          {
                            "version_value": "Releases prior to Junos OS 15.1 are unaffected by this vulnerability."
                          },
                          {
                            "version_value": "17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "denial of service vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10778",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10778"
            },
            {
              "name": "1038257",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038257"
            },
            {
              "name": "97606",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/97606"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2017-2313",
    "datePublished": "2017-04-24T15:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-08-05T13:48:05.294Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C56F5C48-BA48-4EE1-88BE-782B3CFB3B90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C56E6C3-BBB6-4853-91D9-99C7676D0CD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"71D211B9-B2FE-4324-AAEE-8825D5238E48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD332D86-5DA7-49A4-98C3-E4D946832DC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"08FC0245-A4FF-42C0-A236-8569301E351A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"120EA9E3-788B-4CFD-A74F-17111FFD0131\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"18468579-0195-4DDE-BAA5-4BE4068F3A69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"870244F3-1C05-4F10-A205-5189BB860F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"235EE40B-AA15-4F39-8087-A051F4F70995\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"17330544-3AFC-463E-A146-2840A8AE17D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"1901864B-688B-4352-A587-4B96B4E49FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B6670FB-9F5A-469B-97F2-074C28572065\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\", \"matchCriteriaId\": \"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\", \"matchCriteriaId\": \"4323D874-C317-4D76-8E2D-C82376D84CBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E87C765-8D68-404A-AC71-3F22A7260E8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E3B807C-196D-42B8-9042-7582A1366772\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*\", \"matchCriteriaId\": \"83FEEE8F-9279-46F2-BAF9-A60537020C61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBD36C0D-0F44-4349-968D-4CD60F281D84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F294E43-73FA-4EF3-90F2-EE29C56D6573\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDDE1048-BFEA-4A3E-8270-27C538A68837\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC517CD0-FF35-498F-AD33-683B43CA3829\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*\", \"matchCriteriaId\": \"53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"962CCED8-E321-4878-9BE6-0DC33778559A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B08B97A-5D4D-405B-A1C4-9E327E4EED35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*\", \"matchCriteriaId\": \"738C1061-E8B8-4924-AFE9-5E59F22CA4A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*\", \"matchCriteriaId\": \"9071DC8C-D0AA-448E-82BF-7C801199193F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*\", \"matchCriteriaId\": \"88BAA95F-7CA2-46A0-8F60-588941AF3E44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D3E38C1-808C-4BD3-993D-F30855F5390F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3661BC68-6F32-447F-8D20-FD73FBBED9C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B6097D4-3856-4696-9A26-5B6C0FD9AD6C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Dispositivos de Juniper Networks que ejecutan las versiones afectadas Junos OS pueden verse afectados por el recibo de una BGP UPDATE manipulada que puede conducir a un fallo y un reinicio del rpd (enrutamiento del daemon del proceso). Los repetidos bloqueos del daemon rpd pueden resultar en una condici\\u00f3n extendida de denegaci\\u00f3n de servicio. Las versiones del sistema operativo Junos afectadas son: 15.1 antes de 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 antes de 15.1X49-D78, 15.1X49-D80; 15.1X53 antes de 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 antes de 16.1R3-S3, 16.1R4; 16.2 antes de 16.2R1-S3, 16.2R2; Releases antes de Junos OS 15.1 no se ven afectados por esta vulnerabilidad. 17.1R1, 17.2R1, y todos los releases posteriores tienen una resoluci\\u00f3n para esta vulnerabilidad.\"}]",
      "id": "CVE-2017-2313",
      "lastModified": "2024-11-21T03:23:15.867",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-04-24T15:59:00.207",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/97606\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038257\", \"source\": \"sirt@juniper.net\"}, {\"url\": \"https://kb.juniper.net/JSA10778\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/97606\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038257\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://kb.juniper.net/JSA10778\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-2313\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2017-04-24T15:59:00.207\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Dispositivos de Juniper Networks que ejecutan las versiones afectadas Junos OS pueden verse afectados por el recibo de una BGP UPDATE manipulada que puede conducir a un fallo y un reinicio del rpd (enrutamiento del daemon del proceso). Los repetidos bloqueos del daemon rpd pueden resultar en una condici\u00f3n extendida de denegaci\u00f3n de servicio. Las versiones del sistema operativo Junos afectadas son: 15.1 antes de 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 antes de 15.1X49-D78, 15.1X49-D80; 15.1X53 antes de 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 antes de 16.1R3-S3, 16.1R4; 16.2 antes de 16.2R1-S3, 16.2R2; Releases antes de Junos OS 15.1 no se ven afectados por esta vulnerabilidad. 17.1R1, 17.2R1, y todos los releases posteriores tienen una resoluci\u00f3n para esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C56F5C48-BA48-4EE1-88BE-782B3CFB3B90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C56E6C3-BBB6-4853-91D9-99C7676D0CD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D211B9-B2FE-4324-AAEE-8825D5238E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD332D86-5DA7-49A4-98C3-E4D946832DC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"08FC0245-A4FF-42C0-A236-8569301E351A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"120EA9E3-788B-4CFD-A74F-17111FFD0131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"18468579-0195-4DDE-BAA5-4BE4068F3A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"870244F3-1C05-4F10-A205-5189BB860F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"235EE40B-AA15-4F39-8087-A051F4F70995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"17330544-3AFC-463E-A146-2840A8AE17D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"1901864B-688B-4352-A587-4B96B4E49FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B6670FB-9F5A-469B-97F2-074C28572065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\",\"matchCriteriaId\":\"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\",\"matchCriteriaId\":\"4323D874-C317-4D76-8E2D-C82376D84CBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E87C765-8D68-404A-AC71-3F22A7260E8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E3B807C-196D-42B8-9042-7582A1366772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*\",\"matchCriteriaId\":\"83FEEE8F-9279-46F2-BAF9-A60537020C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBD36C0D-0F44-4349-968D-4CD60F281D84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F294E43-73FA-4EF3-90F2-EE29C56D6573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDDE1048-BFEA-4A3E-8270-27C538A68837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC517CD0-FF35-498F-AD33-683B43CA3829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"962CCED8-E321-4878-9BE6-0DC33778559A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B08B97A-5D4D-405B-A1C4-9E327E4EED35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*\",\"matchCriteriaId\":\"738C1061-E8B8-4924-AFE9-5E59F22CA4A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*\",\"matchCriteriaId\":\"9071DC8C-D0AA-448E-82BF-7C801199193F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*\",\"matchCriteriaId\":\"88BAA95F-7CA2-46A0-8F60-588941AF3E44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3E38C1-808C-4BD3-993D-F30855F5390F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3661BC68-6F32-447F-8D20-FD73FBBED9C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B6097D4-3856-4696-9A26-5B6C0FD9AD6C\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/97606\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038257\",\"source\":\"sirt@juniper.net\"},{\"url\":\"https://kb.juniper.net/JSA10778\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/97606\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.juniper.net/JSA10778\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2017-AVI-111

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Juniper EX Series avec IPv6
Juniper Networks	Junos OS	Junos OS versions 15.1 et postérieures avec BGP
Juniper Networks	N/A	NorthStar Controller Application antérieures à la version 2.1.0 SP1
Juniper Networks	Junos OS	Junos OS
Juniper Networks	N/A	Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif

References

Title

Publication Time

Tags

Bulletin de sécurité JSA10776 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10778 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10781 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10785 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10780 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10783 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10786 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10777 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10784 Juniper du 12 avril 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper EX Series avec IPv6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 et post\u00e9rieures avec BGP",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller Application ant\u00e9rieures \u00e0 la version 2.1.0 SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-9310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9310"
    },
    {
      "name": "CVE-2017-2322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2322"
    },
    {
      "name": "CVE-2015-7973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7973"
    },
    {
      "name": "CVE-2017-2316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2316"
    },
    {
      "name": "CVE-2017-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2328"
    },
    {
      "name": "CVE-2016-9131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9131"
    },
    {
      "name": "CVE-2015-1349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1349"
    },
    {
      "name": "CVE-2017-2333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2333"
    },
    {
      "name": "CVE-2015-5477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5477"
    },
    {
      "name": "CVE-2015-8158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2015-3456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3456"
    },
    {
      "name": "CVE-2016-7429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7429"
    },
    {
      "name": "CVE-2017-2319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2319"
    },
    {
      "name": "CVE-2013-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4450"
    },
    {
      "name": "CVE-2016-1886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1886"
    },
    {
      "name": "CVE-2016-9311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9311"
    },
    {
      "name": "CVE-2015-8138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
    },
    {
      "name": "CVE-2017-2334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2334"
    },
    {
      "name": "CVE-2017-2332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2332"
    },
    {
      "name": "CVE-2017-2340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2340"
    },
    {
      "name": "CVE-2017-2325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2325"
    },
    {
      "name": "CVE-2015-4620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4620"
    },
    {
      "name": "CVE-2017-2329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2329"
    },
    {
      "name": "CVE-2017-2318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2318"
    },
    {
      "name": "CVE-2017-2320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2320"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2016-7427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7427"
    },
    {
      "name": "CVE-2017-2330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2330"
    },
    {
      "name": "CVE-2017-2324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2324"
    },
    {
      "name": "CVE-2017-2317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2317"
    },
    {
      "name": "CVE-2016-1014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1014"
    },
    {
      "name": "CVE-2016-2776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2776"
    },
    {
      "name": "CVE-2015-7979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7979"
    },
    {
      "name": "CVE-2015-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3209"
    },
    {
      "name": "CVE-2017-2331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2331"
    },
    {
      "name": "CVE-2017-2326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2326"
    },
    {
      "name": "CVE-2017-2315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2315"
    },
    {
      "name": "CVE-2016-7431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
    },
    {
      "name": "CVE-2017-2313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2313"
    },
    {
      "name": "CVE-2017-2323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2323"
    },
    {
      "name": "CVE-2016-9147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9147"
    },
    {
      "name": "CVE-2017-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2327"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-8864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8864"
    },
    {
      "name": "CVE-2017-2321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2321"
    },
    {
      "name": "CVE-2017-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2312"
    },
    {
      "name": "CVE-2016-9444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9444"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-111",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10776 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10776\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10778 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10778\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10781 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10781\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10785 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10785\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10780 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10780\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10783 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10783\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10786 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10786\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10777 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10777\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10784 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10784\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2017-AVI-111

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Juniper EX Series avec IPv6
Juniper Networks	Junos OS	Junos OS versions 15.1 et postérieures avec BGP
Juniper Networks	N/A	NorthStar Controller Application antérieures à la version 2.1.0 SP1
Juniper Networks	Junos OS	Junos OS
Juniper Networks	N/A	Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif

References

Title

Publication Time

Tags

Bulletin de sécurité JSA10776 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10778 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10781 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10785 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10780 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10783 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10786 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10777 Juniper du 12 avril 2017	None	vendor-advisory
Bulletin de sécurité JSA10784 Juniper du 12 avril 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper EX Series avec IPv6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 et post\u00e9rieures avec BGP",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller Application ant\u00e9rieures \u00e0 la version 2.1.0 SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper SRX, vSRX et J-Series avec le serveur DNS Proxy actif",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-9310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9310"
    },
    {
      "name": "CVE-2017-2322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2322"
    },
    {
      "name": "CVE-2015-7973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7973"
    },
    {
      "name": "CVE-2017-2316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2316"
    },
    {
      "name": "CVE-2017-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2328"
    },
    {
      "name": "CVE-2016-9131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9131"
    },
    {
      "name": "CVE-2015-1349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1349"
    },
    {
      "name": "CVE-2017-2333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2333"
    },
    {
      "name": "CVE-2015-5477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5477"
    },
    {
      "name": "CVE-2015-8158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2015-3456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3456"
    },
    {
      "name": "CVE-2016-7429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7429"
    },
    {
      "name": "CVE-2017-2319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2319"
    },
    {
      "name": "CVE-2013-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4450"
    },
    {
      "name": "CVE-2016-1886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1886"
    },
    {
      "name": "CVE-2016-9311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9311"
    },
    {
      "name": "CVE-2015-8138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
    },
    {
      "name": "CVE-2017-2334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2334"
    },
    {
      "name": "CVE-2017-2332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2332"
    },
    {
      "name": "CVE-2017-2340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2340"
    },
    {
      "name": "CVE-2017-2325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2325"
    },
    {
      "name": "CVE-2015-4620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4620"
    },
    {
      "name": "CVE-2017-2329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2329"
    },
    {
      "name": "CVE-2017-2318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2318"
    },
    {
      "name": "CVE-2017-2320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2320"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2016-7427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7427"
    },
    {
      "name": "CVE-2017-2330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2330"
    },
    {
      "name": "CVE-2017-2324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2324"
    },
    {
      "name": "CVE-2017-2317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2317"
    },
    {
      "name": "CVE-2016-1014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1014"
    },
    {
      "name": "CVE-2016-2776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2776"
    },
    {
      "name": "CVE-2015-7979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7979"
    },
    {
      "name": "CVE-2015-3209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3209"
    },
    {
      "name": "CVE-2017-2331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2331"
    },
    {
      "name": "CVE-2017-2326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2326"
    },
    {
      "name": "CVE-2017-2315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2315"
    },
    {
      "name": "CVE-2016-7431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
    },
    {
      "name": "CVE-2017-2313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2313"
    },
    {
      "name": "CVE-2017-2323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2323"
    },
    {
      "name": "CVE-2016-9147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9147"
    },
    {
      "name": "CVE-2017-2327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2327"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-8864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8864"
    },
    {
      "name": "CVE-2017-2321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2321"
    },
    {
      "name": "CVE-2017-2312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2312"
    },
    {
      "name": "CVE-2016-9444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9444"
    }
  ],
  "links": [],
  "reference": "CERTFR-2017-AVI-111",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10776 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10776\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10778 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10778\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10781 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10781\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10785 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10785\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10780 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10780\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10783 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10783\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10786 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10786\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10777 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10777\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 JSA10784 Juniper du 12 avril 2017",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10784\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GSD-2017-2313

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-2313

Aliases

CVE-2017-2313

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-2313",
    "description": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability.",
    "id": "GSD-2017-2313"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-2313"
      ],
      "details": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability.",
      "id": "GSD-2017-2313",
      "modified": "2023-12-13T01:21:05.647179Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "ID": "CVE-2017-2313",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS with BGP enabled",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6"
                        },
                        {
                          "version_value": "15.1X49 prior to 15.1X49-D78, 15.1X49-D80"
                        },
                        {
                          "version_value": "15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70"
                        },
                        {
                          "version_value": "16.1 prior to 16.1R3-S3, 16.1R4"
                        },
                        {
                          "version_value": "16.2 prior to 16.2R1-S3, 16.2R2"
                        },
                        {
                          "version_value": "Releases prior to Junos OS 15.1 are unaffected by this vulnerability."
                        },
                        {
                          "version_value": "17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "denial of service vulnerability"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA10778",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA10778"
          },
          {
            "name": "1038257",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038257"
          },
          {
            "name": "97606",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97606"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2017-2313"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10778",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10778"
            },
            {
              "name": "97606",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/97606"
            },
            {
              "name": "1038257",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1038257"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-07-11T01:33Z",
      "publishedDate": "2017-04-24T15:59Z"
    }
  }
}

CNVD-2017-07129

Vulnerability from cnvd - Published: 2017-05-22

Title

Juniper Junos拒绝服务漏洞（CNVD-2017-07129）

Description

Juniper Junos是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和JunosSDK。 Juniper Junos中存在拒绝服务漏洞。攻击者可利用该漏洞造成受影响的设备崩溃和重启，导致拒绝服务。

Severity

中

Patch Name

Juniper Junos拒绝服务漏洞（CNVD-2017-07129）的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10778&cat=SIRT_1&actp=LIST

Reference

http://www.securityfocus.com/bid/97606 https://nvd.nist.gov/vuln/detail/CVE-2017-2313

Impacted products

Name
Juniper Junos OS 15.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2313"
    }
  },
  "description": "Juniper Junos\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunosSDK\u3002\r\n\r\nJuniper Junos\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5d29\u6e83\u548c\u91cd\u542f\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Juniper",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10778\u0026cat=SIRT_1\u0026actp=LIST",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-07129",
  "openTime": "2017-05-22",
  "patchDescription": "Juniper Junos\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunosSDK\u3002 \r\n\r\nJuniper Junos\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5d29\u6e83\u548c\u91cd\u542f\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "patchName": "Juniper Junos\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-07129\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Juniper    Junos OS 15.1"
  },
  "referenceLink": "http://www.securityfocus.com/bid/97606\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-2313",
  "serverity": "\u4e2d",
  "submitTime": "2017-04-28",
  "title": "Juniper Junos\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-07129\uff09"
}

VAR-201704-0734

Vulnerability from variot - Updated: 2023-12-18 13:19

Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability. Juniper Networks Works with device products Junos OS Contains an input validation vulnerability.Service operation interruption (DoS) An attack may be carried out. Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash and restart the affected device, denying service to legitimate users. Junos OS in Juniper Networks devices has a security vulnerability

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201704-0734",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "16.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "15.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "16.2"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "15.1x53"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "15.1x49"
      },
      {
        "model": "junos os",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "15.1"
      },
      {
        "model": "junos os 17.2r1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 17.1r1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 16.2r2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 16.2r1-s3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 16.2r1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 16.1r4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 16.1r3-s3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 16.1r2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 16.1r1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1x53-d70",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1x53-d63",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1x53-d230",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1x49-d80",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1x49-d78",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1r6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1r5-s2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1r4-s7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1f7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1f6-s5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1f5-s7",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1f2-s15",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "97606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "97606"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2313",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2313",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-110516",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2313",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-2313",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201704-990",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110516",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110516"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability. Juniper Networks Works with device products Junos OS Contains an input validation vulnerability.Service operation interruption (DoS) An attack may be carried out. Juniper Junos is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash and restart the affected device, denying service to legitimate users. Junos OS in Juniper Networks devices has a security vulnerability",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "BID",
        "id": "97606"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110516"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2313",
        "trust": 2.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA10778",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "97606",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1038257",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-110516",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110516"
      },
      {
        "db": "BID",
        "id": "97606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "id": "VAR-201704-0734",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110516"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:19:31.873000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10778",
        "trust": 0.8,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10778\u0026actp=metadata"
      },
      {
        "title": "Juniper Junos Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=69415"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110516"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/97606"
      },
      {
        "trust": 1.7,
        "url": "https://kb.juniper.net/jsa10778"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1038257"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2313"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2313"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/us/en/products-services/nos/junos/"
      },
      {
        "trust": 0.3,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10778\u0026cat=sirt_1\u0026actp=list"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110516"
      },
      {
        "db": "BID",
        "id": "97606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-110516"
      },
      {
        "db": "BID",
        "id": "97606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-04-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110516"
      },
      {
        "date": "2017-04-12T00:00:00",
        "db": "BID",
        "id": "97606"
      },
      {
        "date": "2017-05-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "date": "2017-04-24T15:59:00.207000",
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "date": "2017-04-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110516"
      },
      {
        "date": "2017-04-18T01:05:00",
        "db": "BID",
        "id": "97606"
      },
      {
        "date": "2017-05-31T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      },
      {
        "date": "2017-07-11T01:33:32.440000",
        "db": "NVD",
        "id": "CVE-2017-2313"
      },
      {
        "date": "2017-04-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Networks Works with device products  Junos OS Input validation vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-003625"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-990"
      }
    ],
    "trust": 0.6
  }
}

GHSA-X2HC-2QMV-93RC

Vulnerability from github – Published: 2022-05-17 02:32 – Updated: 2022-05-17 02:32

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-2313"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-04-24T15:59:00Z",
    "severity": "HIGH"
  },
  "details": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability.",
  "id": "GHSA-x2hc-2qmv-93rc",
  "modified": "2022-05-17T02:32:48Z",
  "published": "2022-05-17T02:32:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2313"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10778"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97606"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038257"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2017-2313

Vulnerability from fkie_nvd - Published: 2017-04-24 15:59 - Updated: 2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
sirt@juniper.net	http://www.securityfocus.com/bid/97606	Third Party Advisory, VDB Entry
sirt@juniper.net	http://www.securitytracker.com/id/1038257
sirt@juniper.net	https://kb.juniper.net/JSA10778	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97606	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038257
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10778	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.2
juniper	junos	16.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
              "matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
              "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
              "matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
              "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*",
              "matchCriteriaId": "BD332D86-5DA7-49A4-98C3-E4D946832DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
              "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
              "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
              "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
              "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
              "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
              "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
              "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
              "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
              "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
              "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
              "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
              "matchCriteriaId": "BBD36C0D-0F44-4349-968D-4CD60F281D84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
              "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
              "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
              "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
              "matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
              "matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
              "matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
              "matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*",
              "matchCriteriaId": "88BAA95F-7CA2-46A0-8F60-588941AF3E44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "6D3E38C1-808C-4BD3-993D-F30855F5390F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability."
    },
    {
      "lang": "es",
      "value": "Dispositivos de Juniper Networks que ejecutan las versiones afectadas Junos OS pueden verse afectados por el recibo de una BGP UPDATE manipulada que puede conducir a un fallo y un reinicio del rpd (enrutamiento del daemon del proceso). Los repetidos bloqueos del daemon rpd pueden resultar en una condici\u00f3n extendida de denegaci\u00f3n de servicio. Las versiones del sistema operativo Junos afectadas son: 15.1 antes de 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 antes de 15.1X49-D78, 15.1X49-D80; 15.1X53 antes de 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 antes de 16.1R3-S3, 16.1R4; 16.2 antes de 16.2R1-S3, 16.2R2; Releases antes de Junos OS 15.1 no se ven afectados por esta vulnerabilidad. 17.1R1, 17.2R1, y todos los releases posteriores tienen una resoluci\u00f3n para esta vulnerabilidad."
    }
  ],
  "id": "CVE-2017-2313",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-24T15:59:00.207",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97606"
    },
    {
      "source": "sirt@juniper.net",
      "url": "http://www.securitytracker.com/id/1038257"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10778"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-2313 (GCVE-0-2017-2313)

CERTFR-2017-AVI-111

Solution

CERTFR-2017-AVI-111

Solution

GSD-2017-2313

CNVD-2017-07129

VAR-201704-0734

GHSA-X2HC-2QMV-93RC

FKIE_CVE-2017-2313

Tags

Sightings

Nomenclature