CVE-2017-2302

30.05.2017, 14:29

On Juniper Networks products or platforms running Junos OS 12.1X46 prior to 12.1X46-D55, 12.1X47 prior to 12.1X47-D45, 12.3R13 prior to 12.3R13, 12.3X48 prior to 12.3X48-D35, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D40, 14.1X55 prior to 14.1X55-D35, 14.2 prior to 14.2R6, 15.1 prior to 15.1F2 or 15.1R1, 15.1X49 prior to 15.1X49-D20 where the BGP add-path feature is enabled with 'send' option or with both 'send' and 'receive' options, a network based attacker can cause the Junos OS rpd daemon to crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
juniper	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 73%

Vendor	Product	Version
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.3
juniper	junos	12.3:r1
juniper	junos	12.3:r11
juniper	junos	12.3:r12
juniper	junos	12.3:r2
juniper	junos	12.3:r3
juniper	junos	12.3:r4
juniper	junos	12.3:r5
juniper	junos	12.3:r6
juniper	junos	12.3:r7
juniper	junos	12.3:r8
juniper	junos	12.3:r9
juniper	junos	12.3x48:x48
juniper	junos	12.3x48:x48
juniper	junos	12.3x48:x48
juniper	junos	12.3x48:x48
juniper	junos	13.3
juniper	junos	13.3:r1
juniper	junos	13.3:r2
juniper	junos	13.3:r3
juniper	junos	13.3:r4
juniper	junos	13.3:r5
juniper	junos	13.3:r6
juniper	junos	13.3:r7
juniper	junos	13.3:r8
juniper	junos	13.3:r9
juniper	junos	14.1
juniper	junos	14.1:r1
juniper	junos	14.1:r2
juniper	junos	14.1:r3
juniper	junos	14.1:r4
juniper	junos	14.1:r5
juniper	junos	14.1:r6
juniper	junos	14.1:r7
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x53:x53
juniper	junos	14.1x55:x55
juniper	junos	14.1x55:x55
juniper	junos	14.1x55:x55
juniper	junos	14.1x55:x55
juniper	junos	14.1x55:x55
juniper	junos	15.1
juniper	junos	15.1:f1
juniper	junos	15.1:r1
juniper	junos	15.1x49:x49
juniper	junos	15.1x49:x49

𝑥

= Vulnerable software versions

References

http://www.securityfocus.com/bid/95394

http://www.securitytracker.com/id/1037595

https://kb.juniper.net/JSA10771

http://www.securityfocus.com/bid/95394

http://www.securitytracker.com/id/1037595

https://kb.juniper.net/JSA10771