CVE-2017-2300
Last modified
CVE-2017-2300 is a vulnerability of currently unknown severity. On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets.. EPSS estimates a 1.84% chance of exploitation in the next 30 days.
Description
On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Juniper | Junos | <= 12.1x46 | D60 |
| Juniper | Junos | <= 12.3x48 | D35 |
References
- http://www.securityfocus.com/bid/95400Third Party Advisory, VDB Entry
- https://kb.juniper.net/JSA10768Mitigation, Vendor Advisory
- http://www.securityfocus.com/bid/95400Third Party Advisory, VDB Entry
- https://kb.juniper.net/JSA10768Mitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-2300?
How severe is CVE-2017-2300?
How do I fix CVE-2017-2300?
Are you affected by CVE-2017-2300?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST