Lucene search

JuniperCVE-2017-2301

HistoryMay 30, 2017 - 2:29 p.m.

CVE-2017-2301

2017-05-3014:29:00

juniper

web.nvd.nist.gov

juniper networks

junos os

cve-2017-2301

dhcpv6

vulnerability

nvd

denial of service

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.003

Percentile

67.8%

JSON

On Juniper Networks products or platforms running Junos OS 11.4 prior to 11.4R13-S3, 12.1X46 prior to 12.1X46-D60, 12.3 prior to 12.3R12-S2 or 12.3R13, 12.3X48 prior to 12.3X48-D40, 13.2X51 prior to 13.2X51-D40, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D12 or 14.1X53-D35, 14.1X55 prior to 14.1X55-D35, 14.2 prior to 14.2R7, 15.1 prior to 15.1F6 or 15.1R3, 15.1X49 prior to 15.1X49-D60, 15.1X53 prior to 15.1X53-D30 and DHCPv6 enabled, when a crafted DHCPv6 packet is received from a subscriber, jdhcpd daemon crashes and restarts. Repeated crashes of the jdhcpd process may constitute an extended denial of service condition for subscribers attempting to obtain IPv6 addresses.

Affected configurations

Nvd

Node

juniperjunosMatch11.4-

juniperjunosMatch11.4r1

juniperjunosMatch11.4r10

juniperjunosMatch11.4r11

juniperjunosMatch11.4r12

juniperjunosMatch11.4r2

juniperjunosMatch11.4r3

juniperjunosMatch11.4r4

juniperjunosMatch11.4r5

juniperjunosMatch11.4r6

juniperjunosMatch11.4r7

juniperjunosMatch11.4r8

juniperjunosMatch11.4r9

juniperjunosMatch12.1x46-

juniperjunosMatch12.1x46d10

juniperjunosMatch12.1x46d15

juniperjunosMatch12.1x46d20

juniperjunosMatch12.1x46d25

juniperjunosMatch12.1x46d30

juniperjunosMatch12.1x46d35

juniperjunosMatch12.1x46d40

juniperjunosMatch12.1x46d45

juniperjunosMatch12.1x46d50

juniperjunosMatch12.1x46d55

juniperjunosMatch12.3-

juniperjunosMatch12.3r1

juniperjunosMatch12.3r10

juniperjunosMatch12.3r11

juniperjunosMatch12.3r2

juniperjunosMatch12.3r3

juniperjunosMatch12.3r4

juniperjunosMatch12.3r5

juniperjunosMatch12.3r7

juniperjunosMatch12.3r8

juniperjunosMatch12.3r9

juniperjunosMatch12.3x48-

juniperjunosMatch12.3x48d10

juniperjunosMatch12.3x48d15

juniperjunosMatch12.3x48d20

juniperjunosMatch12.3x48d25

juniperjunosMatch12.3x48d30

juniperjunosMatch12.3x48d35

juniperjunosMatch13.2x51-

juniperjunosMatch13.2x51d15

juniperjunosMatch13.2x51d20

juniperjunosMatch13.2x51d21

juniperjunosMatch13.2x51d25

juniperjunosMatch13.2x51d26

juniperjunosMatch13.2x51d30

juniperjunosMatch13.2x51d35

juniperjunosMatch13.3-

juniperjunosMatch13.3r1

juniperjunosMatch13.3r2

juniperjunosMatch13.3r3

juniperjunosMatch13.3r4

juniperjunosMatch13.3r5

juniperjunosMatch13.3r6

juniperjunosMatch13.3r7

juniperjunosMatch13.3r8

juniperjunosMatch13.3r9

juniperjunosMatch14.1-

juniperjunosMatch14.1r1

juniperjunosMatch14.1r2

juniperjunosMatch14.1r3

juniperjunosMatch14.1r4

juniperjunosMatch14.1r5

juniperjunosMatch14.1r6

juniperjunosMatch14.1r7

juniperjunosMatch14.1x53-

juniperjunosMatch14.1x53d10

juniperjunosMatch14.1x53d35

juniperjunosMatch14.1x55-

juniperjunosMatch14.1x55d16

juniperjunosMatch14.1x55d20

juniperjunosMatch14.1x55d25

juniperjunosMatch14.1x55d30

juniperjunosMatch14.2-

juniperjunosMatch14.2r1

juniperjunosMatch14.2r2

juniperjunosMatch14.2r3

juniperjunosMatch14.2r4

juniperjunosMatch14.2r5

juniperjunosMatch14.2r6

juniperjunosMatch15.1-

juniperjunosMatch15.1f1

juniperjunosMatch15.1f2

juniperjunosMatch15.1f3

juniperjunosMatch15.1f4

juniperjunosMatch15.1f5

juniperjunosMatch15.1r3

juniperjunosMatch15.1x49-

juniperjunosMatch15.1x49d10

juniperjunosMatch15.1x49d20

juniperjunosMatch15.1x49d30

juniperjunosMatch15.1x49d35

juniperjunosMatch15.1x49d40

juniperjunosMatch15.1x49d45

juniperjunosMatch15.1x49d50

juniperjunosMatch15.1x49d55

juniperjunosMatch15.1x53-

juniperjunosMatch15.1x53d10

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

VendorProductVersionCPE
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:-:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r1:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r10:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r11:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r12:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r2:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r3:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r4:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r5:*:*:*:*:*:*
juniperjunos11.4cpe:2.3:o:juniper:junos:11.4:r6:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:-::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r1::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r10::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r11::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r12::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r2::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r3::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r4::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r5::::::
juniper	junos	11.4	cpe:2.3:o:juniper:junos:11.4:r6::::::

Rows per page:

1-10 of 1031

CNA Affected

[
  {
    "product": "Junos OS with DHCPv6 enabled",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "11.4 prior to 11.4R13-S3"
      },
      {
        "status": "affected",
        "version": "12.1X46 prior to 12.1X46-D60"
      },
      {
        "status": "affected",
        "version": "12.3 prior to 12.3R12-S2 or 12.3R13"
      },
      {
        "status": "affected",
        "version": "12.3X48 prior to 12.3X48-D40"
      },
      {
        "status": "affected",
        "version": "13.2X51 prior to 13.2X51-D40"
      },
      {
        "status": "affected",
        "version": "13.3 prior to 13.3R10"
      },
      {
        "status": "affected",
        "version": "14.1 prior to 14.1R8"
      },
      {
        "status": "affected",
        "version": "14.1X53 prior to 14.1X53-D12 or 14.1X53-D35"
      },
      {
        "status": "affected",
        "version": "14.1X55 prior to 14.1X55-D35"
      },
      {
        "status": "affected",
        "version": "14.2 prior to 14.2R7"
      },
      {
        "status": "affected",
        "version": "15.1 prior to 15.1F6 or 15.1R3"
      },
      {
        "status": "affected",
        "version": "15.1X49 prior to 15.1X49-D60"
      },
      {
        "status": "affected",
        "version": "15.1X53 prior to 15.1X53-D30"
      },
      {
        "status": "affected",
        "version": "16.1R1 and all subsequent releases include a fix."
      }
    ]
  }
]

References

www.securityfocus.com/bid/95396

www.securitytracker.com/id/1037596

kb.juniper.net/JSA10769

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.003

Percentile

67.8%

JSON

Related for CVE-2017-2301