Lucene search

K
cve[email protected]CVE-2017-2312
HistoryApr 24, 2017 - 3:59 p.m.

CVE-2017-2312

2017-04-2415:59:00
CWE-772
web.nvd.nist.gov
23
juniper networks
junos os
cve-2017-2312
ldp
denial of service
memory exhaustion
nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

52.4%

On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd (routing protocol daemon) process. Over time, repeatedly receiving this type of LDP packet(s) will cause the memory to exhaust and the rpd process to crash and restart. It is not possible to free up the memory that has been consumed without restarting the rpd process. This issue affects Junos OS based devices with either IPv4 or IPv6 LDP enabled via the [protocols ldp] configuration (the native IPv6 support for LDP is available in Junos OS 16.1 and higher). The interface on which the packet arrives needs to have LDP enabled. The affected Junos versions are: 13.3 prior to 13.3R10; 14.1 prior to 14.1R8; 14.2 prior to 14.2R7-S6 or 14.2R8; 15.1 prior to 15.1F2-S14, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5; 15.1X49 before 15.1X49-D70; 15.1X53 before 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 before 16.1R2. 16.2R1 and all subsequent releases have a resolution for this vulnerability.

Affected configurations

NVD
Node
juniperjunosMatch13.3
OR
juniperjunosMatch13.3r1
OR
juniperjunosMatch13.3r2
OR
juniperjunosMatch13.3r3
OR
juniperjunosMatch13.3r4
OR
juniperjunosMatch13.3r5
OR
juniperjunosMatch13.3r6
OR
juniperjunosMatch13.3r7
OR
juniperjunosMatch13.3r8
OR
juniperjunosMatch13.3r9
Node
juniperjunosMatch14.1
OR
juniperjunosMatch14.1r1
OR
juniperjunosMatch14.1r2
OR
juniperjunosMatch14.1r3
OR
juniperjunosMatch14.1r4
OR
juniperjunosMatch14.1r5
OR
juniperjunosMatch14.1r6
OR
juniperjunosMatch14.1r7
Node
juniperjunosMatch14.2r1
OR
juniperjunosMatch14.2r2
OR
juniperjunosMatch14.2r3
OR
juniperjunosMatch14.2r4
OR
juniperjunosMatch14.2r5
OR
juniperjunosMatch14.2r6
Node
juniperjunosMatch15.1f2
OR
juniperjunosMatch15.1f2-s1
OR
juniperjunosMatch15.1f2-s2
OR
juniperjunosMatch15.1f2-s3
OR
juniperjunosMatch15.1f2-s4
OR
juniperjunosMatch15.1f3
OR
juniperjunosMatch15.1f4
OR
juniperjunosMatch15.1f5
OR
juniperjunosMatch15.1f6
OR
juniperjunosMatch15.1r1
OR
juniperjunosMatch15.1r2
OR
juniperjunosMatch15.1r3
OR
juniperjunosMatch15.1r4
OR
juniperjunosMatch15.1x49d10
OR
juniperjunosMatch15.1x49d20
OR
juniperjunosMatch15.1x49d30
OR
juniperjunosMatch15.1x49d35
OR
juniperjunosMatch15.1x49d40
OR
juniperjunosMatch15.1x49d45
OR
juniperjunosMatch15.1x49d50
OR
juniperjunosMatch15.1x49d60
OR
juniperjunosMatch15.1x49d65
OR
juniperjunosMatch15.1x53d10
OR
juniperjunosMatch15.1x53d20
OR
juniperjunosMatch15.1x53d21
OR
juniperjunosMatch15.1x53d210
OR
juniperjunosMatch15.1x53d30
OR
juniperjunosMatch15.1x53d32
OR
juniperjunosMatch15.1x53d33
OR
juniperjunosMatch15.1x53d34
OR
juniperjunosMatch15.1x53d60
OR
juniperjunosMatch15.1x53d61
OR
juniperjunosMatch15.1x53d62
Node
juniperjunosMatch16.1r1
CPENameOperatorVersion
juniper:junosjuniper junoseq13.3

CNA Affected

[
  {
    "product": "Junos OS with LDP enabled",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "13.3 prior to 13.3R10"
      },
      {
        "status": "affected",
        "version": "14.1 prior to 14.1R8"
      },
      {
        "status": "affected",
        "version": "14.2 prior to 14.2R7-S6 or 14.2R8"
      },
      {
        "status": "affected",
        "version": "15.1 prior to 15.1F2-S14, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5"
      },
      {
        "status": "affected",
        "version": "15.1X49 before 15.1X49-D70"
      },
      {
        "status": "affected",
        "version": "15.1X53 before 15.1X53-D230, 15.1X53-D63, 15.1X53-D70"
      },
      {
        "status": "affected",
        "version": "16.1 before 16.1R2"
      },
      {
        "status": "affected",
        "version": "16.2R1 and all subsequent releases have a resolution for this vulnerability"
      }
    ]
  }
]

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

52.4%

Related for CVE-2017-2312