Vulnerability Name: CVE-2017-2313 (CCN-124551) Assigned: 2016-12-01 Published: 2017-04-13 Updated: 2017-07-11 Summary: Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2; Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability. CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H )6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H )6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
Vulnerability Type: CWE-20 Vulnerability Consequences: Denial of Service References: Source: MITRE Type: CNACVE-2017-2313 Source: CCN Type: SECTRACK ID: 1038257Juniper Junos BGP UPDATE Processing Flaw Lets Remote Users Cause the Target RPD Service to Crash Source: BID Type: Third Party Advisory, VDB Entry97606 Source: CCN Type: BID-97606Juniper Junos CVE-2017-2313 Denial of Service Vulnerability Source: SECTRACK Type: UNKNOWN1038257 Source: XF Type: UNKNOWNjuniper-cve20172313-dos(124551) Source: CCN Type: Juniper Networks Security Bulletin JSA10778Junos: rpd crash due to crafted BGP UPDATE (CVE-2017-2313) Source: CONFIRM Type: Vendor Advisoryhttps://kb.juniper.net/JSA10778 Vulnerable Configuration: Configuration 1 :cpe:/o:juniper:junos:15.1:f1:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1:f2:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1:f5:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1:f6:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1:f7:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1:r4:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1:r5:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1:r6:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d10:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d20:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d30:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d35:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d40:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d45:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d50:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d60:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d65:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d70:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d75:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x49:d80:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d10:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d20:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d21:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d210:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d30:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d32:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d33:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d34:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d60:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d61:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d62:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d63:*:*:*:*:*:* OR cpe:/o:juniper:junos:15.1x53:d70:*:*:*:*:*:* OR cpe:/o:juniper:junos:16.1:r1:*:*:*:*:*:* OR cpe:/o:juniper:junos:16.1:r2:*:*:*:*:*:* OR cpe:/o:juniper:junos:16.1:r3:*:*:*:*:*:* OR cpe:/o:juniper:junos:16.1:r4:*:*:*:*:*:* OR cpe:/o:juniper:junos:16.2:r1:*:*:*:*:*:* OR cpe:/o:juniper:junos:16.2:r2:*:*:*:*:*:* Configuration CCN 1 :cpe:/o:juniper:junos:15.1:*:*:*:*:*:*:* Denotes that component is vulnerable BACK
juniper junos 15.1 f1
juniper junos 15.1 f2
juniper junos 15.1 f5
juniper junos 15.1 f6
juniper junos 15.1 f7
juniper junos 15.1 r4
juniper junos 15.1 r5
juniper junos 15.1 r6
juniper junos 15.1x49 d10
juniper junos 15.1x49 d20
juniper junos 15.1x49 d30
juniper junos 15.1x49 d35
juniper junos 15.1x49 d40
juniper junos 15.1x49 d45
juniper junos 15.1x49 d50
juniper junos 15.1x49 d60
juniper junos 15.1x49 d65
juniper junos 15.1x49 d70
juniper junos 15.1x49 d75
juniper junos 15.1x49 d80
juniper junos 15.1x53 d10
juniper junos 15.1x53 d20
juniper junos 15.1x53 d21
juniper junos 15.1x53 d210
juniper junos 15.1x53 d30
juniper junos 15.1x53 d32
juniper junos 15.1x53 d33
juniper junos 15.1x53 d34
juniper junos 15.1x53 d60
juniper junos 15.1x53 d61
juniper junos 15.1x53 d62
juniper junos 15.1x53 d63
juniper junos 15.1x53 d70
juniper junos 16.1 r1
juniper junos 16.1 r2
juniper junos 16.1 r3
juniper junos 16.1 r4
juniper junos 16.2 r1
juniper junos 16.2 r2
juniper junos 15.1