Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-2348
HistoryJul 17, 2017 - 1:18 p.m.

CVE-2017-2348

2017-07-1713:18:24
CWE-400
[email protected]
web.nvd.nist.gov
39
juniper
jdhcpd
cpu utilization
crash
restart
denial of service
ipv6
udp packet
vulnerability
nvd
cve-2017-2348

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

40.4%

JSON

The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. Both high CPU utilization and repeated crashes of the jdhcpd daemon can result in a denial of service as DHCP service is interrupted. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D12, 14.1X53-D38, 14.1X53-D40 on QFX, EX, QFabric System; 15.1 prior to 15.1F2-S18, 15.1R4 on all products and platforms; 15.1X49 prior to 15.1X49-D80 on SRX; 15.1X53 prior to 15.1X53-D51, 15.1X53-D60 on NFX, QFX, EX.

Affected configurations

NVD
Node
juniperjunosMatch14.1x53
OR
juniperjunosMatch14.1x53d10
OR
juniperjunosMatch14.1x53d38
OR
juniperjunosMatch14.1x53d40
Node
juniperjunosMatch15.1
OR
juniperjunosMatch15.1f1
OR
juniperjunosMatch15.1f2
OR
juniperjunosMatch15.1f2-s1
OR
juniperjunosMatch15.1f2-s2
OR
juniperjunosMatch15.1f2-s3
OR
juniperjunosMatch15.1f2-s4
OR
juniperjunosMatch15.1r4
Node
juniperjunosMatch15.1x49
OR
juniperjunosMatch15.1x49d10
OR
juniperjunosMatch15.1x49d20
OR
juniperjunosMatch15.1x49d30
OR
juniperjunosMatch15.1x49d35
OR
juniperjunosMatch15.1x49d40
OR
juniperjunosMatch15.1x49d45
OR
juniperjunosMatch15.1x49d50
OR
juniperjunosMatch15.1x49d55
OR
juniperjunosMatch15.1x49d60
OR
juniperjunosMatch15.1x49d65
OR
juniperjunosMatch15.1x49d70
OR
juniperjunosMatch15.1x49d75
Node
juniperjunosMatch15.1x53
OR
juniperjunosMatch15.1x53d10
OR
juniperjunosMatch15.1x53d20
OR
juniperjunosMatch15.1x53d21
OR
juniperjunosMatch15.1x53d25
OR
juniperjunosMatch15.1x53d30
OR
juniperjunosMatch15.1x53d32
OR
juniperjunosMatch15.1x53d33
OR
juniperjunosMatch15.1x53d34
OR
juniperjunosMatch15.1x53d47
OR
juniperjunosMatch15.1x53d48
OR
juniperjunosMatch15.1x53d60
CPENameOperatorVersion
juniper:junosjuniper junoseq14.1x53

CNA Affected

[
  {
    "platforms": [
      "QFX, EX, QFabric System"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "14.1X53 prior to 14.1X53-D12, 14.1X53-D38, 14.1X53-D40"
      }
    ]
  },
  {
    "platforms": [
      "all products and platforms"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "15.1 prior to 15.1F2-S18, 15.1R4"
      }
    ]
  },
  {
    "platforms": [
      "SRX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "15.1X49 prior to 15.1X49-D80"
      }
    ]
  },
  {
    "platforms": [
      "NFX, QFX, EX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "15.1X53 prior to 15.1X53-D51, 15.1X53-D60"
      }
    ]
  }
]

Related

nvd 1
prion 1
cvelist 1
nessus 1
nvd
nvd
CVE-2017-2348
2017-07-17 13:18:24
prion
prion
Design/Logic Flaw
2017-07-17 13:18:00
cvelist
cvelist
CVE-2017-2348 Junos OS: jdhcpd daemon crash due to invalid IPv6 UDP packets
2017-07-12 00:00:00
nessus
nessus
Juniper Junos jdhcpd IPv6 UDP DoS (JSA10800)
2017-07-31 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

40.4%

JSON
Related for CVE-2017-2348
nvd1prion1cvelist1nessus1