Lucene search

[email protected]CVE-2017-10618

HistoryOct 13, 2017 - 5:29 p.m.

CVE-2017-10618

2017-10-1317:29:00

[email protected]

web.nvd.nist.gov

cve-2017-10618

bgp

rpd

juniper networks

junos os

security vulnerability

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

62.0%

JSON

When the ‘bgp-error-tolerance’ feature â�" designed to help mitigate remote session resets from malformed path attributes â�" is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart. Devices with BGP enabled that do not have ‘bgp-error-tolerance’ configured are not vulnerable to this issue. Affected releases are Juniper Networks Junos OS 13.3 prior to 13.3R10-S2; 14.1 prior to 14.1R8-S4, 14.1R9; 14.1X50 prior to 14.1X50-D185; 14.1X53 prior to 14.1X53-D45, 14.1X53-D50; 14.2 prior to 14.2R7-S7, 14.2R8; 15.1 prior to 15.1F5-S8, 15.1F6-S7, 15.1R5-S6, 15.1R6-S2, 15.1R7; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D64, 15.1X53-D70; 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R5; 16.2 prior to 16.2R1-S5, 16.2R2; 17.1 prior to 17.1R1-S3, 17.1R2; 17.2 prior to 17.2R1-S2, 17.2R2; 17.2X75 prior to 17.2X75-D50. No other Juniper Networks products or platforms are affected by this issue.

Affected configurations

NVD

Node

juniperjunosMatch13.3

juniperjunosMatch13.3r10

juniperjunosMatch13.3r2

juniperjunosMatch13.3r3

juniperjunosMatch13.3r4

juniperjunosMatch13.3r5

juniperjunosMatch13.3r6

juniperjunosMatch13.3r7

juniperjunosMatch13.3r8

juniperjunosMatch13.3r9

Node

juniperjunosMatch14.1

juniperjunosMatch14.1r1

juniperjunosMatch14.1r2

juniperjunosMatch14.1r3

juniperjunosMatch14.1r4

juniperjunosMatch14.1r5

juniperjunosMatch14.1r6

juniperjunosMatch14.1r7

juniperjunosMatch14.1r8

juniperjunosMatch14.1r9

Node

juniperjunosMatch14.1x50

juniperjunosMatch14.1x50d60

Node

juniperjunosMatch14.1x53

juniperjunosMatch14.1x53d10

juniperjunosMatch14.1x53d15

juniperjunosMatch14.1x53d16

juniperjunosMatch14.1x53d25

juniperjunosMatch14.1x53d26

juniperjunosMatch14.1x53d27

juniperjunosMatch14.1x53d30

juniperjunosMatch14.1x53d35

juniperjunosMatch14.1x53d40

juniperjunosMatch14.1x53d42

juniperjunosMatch14.1x53d43

juniperjunosMatch14.1x53d44

juniperjunosMatch14.1x53d50

Node

juniperjunosMatch14.2

juniperjunosMatch14.2r1

juniperjunosMatch14.2r2

juniperjunosMatch14.2r3

juniperjunosMatch14.2r4

juniperjunosMatch14.2r5

juniperjunosMatch14.2r6

juniperjunosMatch14.2r7

juniperjunosMatch14.2r8

Node

juniperjunosMatch15.1

juniperjunosMatch15.1f1

juniperjunosMatch15.1f2

juniperjunosMatch15.1f2-s1

juniperjunosMatch15.1f2-s2

juniperjunosMatch15.1f2-s3

juniperjunosMatch15.1f2-s4

juniperjunosMatch15.1f3

juniperjunosMatch15.1f4

juniperjunosMatch15.1f5

juniperjunosMatch15.1f6-s7

juniperjunosMatch15.1r1

juniperjunosMatch15.1r2

juniperjunosMatch15.1r3

juniperjunosMatch15.1r4

juniperjunosMatch15.1r5

juniperjunosMatch15.1r5-s6

juniperjunosMatch15.1r6-s2

juniperjunosMatch15.1r7

Node

juniperjunosMatch15.1x49

juniperjunosMatch15.1x49d10

juniperjunosMatch15.1x49d20

juniperjunosMatch15.1x49d30

juniperjunosMatch15.1x49d35

juniperjunosMatch15.1x49d40

juniperjunosMatch15.1x49d45

juniperjunosMatch15.1x49d50

juniperjunosMatch15.1x49d55

juniperjunosMatch15.1x49d60

juniperjunosMatch15.1x49d65

juniperjunosMatch15.1x49d70

juniperjunosMatch15.1x49d75

juniperjunosMatch15.1x49d80

juniperjunosMatch15.1x49d90

Node

juniperjunosMatch15.1x53

juniperjunosMatch15.1x53d10

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

juniperjunosMatch15.1x53d25

juniperjunosMatch15.1x53d30

juniperjunosMatch15.1x53d32

juniperjunosMatch15.1x53d33

juniperjunosMatch15.1x53d34

juniperjunosMatch15.1x53d50

juniperjunosMatch15.1x53d51

juniperjunosMatch15.1x53d52

juniperjunosMatch15.1x53d55

juniperjunosMatch15.1x53d57

juniperjunosMatch15.1x53d60

juniperjunosMatch15.1x53d61

juniperjunosMatch15.1x53d62

juniperjunosMatch15.1x53d63

juniperjunosMatch15.1x53d70

Node

juniperjunosMatch16.1

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r4-s3

juniperjunosMatch16.1r5

Node

juniperjunosMatch16.2

juniperjunosMatch16.2r1

juniperjunosMatch16.2r2

Node

juniperjunosMatch17.1

juniperjunosMatch17.1r1

juniperjunosMatch17.1r2

Node

juniperjunosMatch17.2

juniperjunosMatch17.2r1

juniperjunosMatch17.2r2

Node

juniperjunosMatch17.2x75

CPENameOperatorVersion
juniper:junosjuniper junoseq13.3

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	13.3

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "13.3 prior to 13.3R10-S2"
      },
      {
        "status": "affected",
        "version": "14.1 prior to 14.1R8-S4, 14.1R9"
      },
      {
        "status": "affected",
        "version": "14.1X50 prior to 14.1X50-D185"
      },
      {
        "status": "affected",
        "version": "14.1X53 prior to 14.1X53-D45, 14.1X53-D50"
      },
      {
        "status": "affected",
        "version": "14.2 prior to 14.2R7-S7, 14.2R8"
      },
      {
        "status": "affected",
        "version": "15.1 prior to 15.1F5-S8, 15.1F6-S7, 15.1R5-S6, 15.1R6-S2, 15.1R7"
      },
      {
        "status": "affected",
        "version": "15.1X49 prior to 15.1X49-D100"
      },
      {
        "status": "affected",
        "version": "15.1X53 prior to 15.1X53-D64, 15.1X53-D70"
      },
      {
        "status": "affected",
        "version": "16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R5"
      },
      {
        "status": "affected",
        "version": "16.2 prior to 16.2R1-S5, 16.2R2"
      },
      {
        "status": "affected",
        "version": "17.1 prior to 17.1R1-S3, 17.1R2"
      },
      {
        "status": "affected",
        "version": "17.2 prior to 17.2R1-S2, 17.2R2"
      },
      {
        "status": "affected",
        "version": "17.2X75 prior to 17.2X75-D50"
      }
    ]
  }
]

References

kb.juniper.net/JSA10820

www.juniper.net/documentation/en_US/junos/topics/concept/bgp-error-handling-overview.html

www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/bgp-error-tolerance.html

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

62.0%

JSON

Related for CVE-2017-10618

cvelist1 nessus1 prion1 nvd1