CVE-2017-2313
Last modified
CVE-2017-2313 is a vulnerability of currently unknown severity. Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. EPSS estimates a 2.27% chance of exploitation in the next 30 days.
Description
Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Juniper | Junos | 15.1 | F1 |
| Juniper | Junos | 15.1x49 | D10 |
| Juniper | Junos | 15.1x53 | D10 |
| Juniper | Junos | 16.1 | R1 |
| Juniper | Junos | 16.2 | R1 |
References
- http://www.securityfocus.com/bid/97606Third Party Advisory, VDB Entry
- https://kb.juniper.net/JSA10778Vendor Advisory
- http://www.securityfocus.com/bid/97606Third Party Advisory, VDB Entry
- https://kb.juniper.net/JSA10778Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-2313?
How severe is CVE-2017-2313?
How do I fix CVE-2017-2313?
Are you affected by CVE-2017-2313?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST