CVE-2017-2347 (GCVE-0-2017-2347)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-16 18:18
VLAI?
Title
Junos: Denial of Service vulnerability in rpd daemon
Summary
A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. Repeated crashes of the rpd daemon can result in an extended denial of service condition for the device. The affected releases are Junos OS 12.3X48 prior to 12.3X48-D50, 12.3X48-D55; 13.3 prior to 13.3R10; 14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D42, 14.1X53-D50; 14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D105, 15.1X53-D47, 15.1X53-D62, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4. No other Juniper Networks products or platforms are affected by this issue.
Severity ?
6.5 (Medium)
CWE
- denial of service
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
12.3X48 prior to 12.3X48-D50, 12.3X48-D55
Affected: 13.3 prior to 13.3R10 Affected: 14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9 Affected: 14.1X53 prior to 14.1X53-D42, 14.1X53-D50 Affected: 14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8 Affected: 15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6 Affected: 15.1X49 prior to 15.1X49-D100 Affected: 15.1X53 prior to 15.1X53-D47, 15.1X53-D62, 15.1X53-D70, 15.1X53-D105 Affected: 16.1 prior to 16.1R3-S3, 16.1R4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038892"
},
{
"name": "100236",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100236"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "12.3X48 prior to 12.3X48-D50, 12.3X48-D55"
},
{
"status": "affected",
"version": "13.3 prior to 13.3R10"
},
{
"status": "affected",
"version": "14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9"
},
{
"status": "affected",
"version": "14.1X53 prior to 14.1X53-D42, 14.1X53-D50"
},
{
"status": "affected",
"version": "14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8"
},
{
"status": "affected",
"version": "15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6"
},
{
"status": "affected",
"version": "15.1X49 prior to 15.1X49-D100"
},
{
"status": "affected",
"version": "15.1X53 prior to 15.1X53-D47, 15.1X53-D62, 15.1X53-D70, 15.1X53-D105"
},
{
"status": "affected",
"version": "16.1 prior to 16.1R3-S3, 16.1R4"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue only affects devices where MPLS OAM is configured."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. Repeated crashes of the rpd daemon can result in an extended denial of service condition for the device. The affected releases are Junos OS 12.3X48 prior to 12.3X48-D50, 12.3X48-D55; 13.3 prior to 13.3R10; 14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D42, 14.1X53-D50; 14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D105, 15.1X53-D47, 15.1X53-D62, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4. No other Juniper Networks products or platforms are affected by this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-11T09:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"name": "1038892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038892"
},
{
"name": "100236",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100236"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10795"
}
],
"title": "Junos: Denial of Service vulnerability in rpd daemon",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
},
{
"lang": "en",
"value": "It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the router only from trusted, administrative networks or hosts."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2347",
"STATE": "PUBLIC",
"TITLE": "Junos: Denial of Service vulnerability in rpd daemon"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "",
"version_value": "12.3X48 prior to 12.3X48-D50, 12.3X48-D55"
},
{
"platform": "",
"version_value": "13.3 prior to 13.3R10"
},
{
"platform": "",
"version_value": "14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9"
},
{
"platform": "",
"version_value": "14.1X53 prior to 14.1X53-D42, 14.1X53-D50"
},
{
"platform": "",
"version_value": "14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8"
},
{
"platform": "",
"version_value": "15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6"
},
{
"platform": "",
"version_value": "15.1X49 prior to 15.1X49-D100"
},
{
"platform": "",
"version_value": "15.1X53 prior to 15.1X53-D47, 15.1X53-D62, 15.1X53-D70, 15.1X53-D105"
},
{
"platform": "",
"version_value": "16.1 prior to 16.1R3-S3, 16.1R4"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue only affects devices where MPLS OAM is configured."
}
],
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. Repeated crashes of the rpd daemon can result in an extended denial of service condition for the device. The affected releases are Junos OS 12.3X48 prior to 12.3X48-D50, 12.3X48-D55; 13.3 prior to 13.3R10; 14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D42, 14.1X53-D50; 14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D105, 15.1X53-D47, 15.1X53-D62, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038892",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038892"
},
{
"name": "100236",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100236"
},
{
"name": "https://kb.juniper.net/JSA10795",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10795"
}
]
},
"solution": "The following software releases have been updated to resolve this specific issue: 12.3X48-D50, 12.3X48-D55, 13.3R10, 14.1R4-S13, 14.1R8-S3, 14.1R9, 14.1X53-D42, 14.1X53-D50, 14.2R4-S8, 14.2R7-S6, 14.2R8, 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6, 15.1X49-D100, 15.1X53-D105, 15.1X53-D47, 15.1X53-D62, 15.1X53-D70, 16.1R3-S3, 16.1R4, 16.2R1, 17.1R1, and all subsequent releases.\n\nThis issue is being tracked as PR 1204027 and is visible on the Customer Support website.",
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
},
{
"lang": "en",
"value": "It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the router only from trusted, administrative networks or hosts."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2347",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:18:59.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…