CVE-2017-10607 — Networks Junos OS vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 40.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS

Timeline

PublishedOct 13

Latest updateMay 13

Description

Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) sent directly to the router, which can cause the RPD routing process to crash and restart. Unlike BGP UPDATEs, which are transitive in nature, this issue can only be triggered by a packet sent directly to the IP address of the router. Repeated crashes of the rpd daemon can result in an extended denial of service condition. This issue only affects de…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5juniper_networks/junos_os16.1 prior to 16.1R2

▶NVDjuniper/junos16.1

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-3v7c-p24m-p9gr: Juniper Networks Junos OS 16↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2017-10607: Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) s↗2017-10-13

▶