CVE-2017-10611 — Networks Junos OS vulnerability

3 documents3 sources

Severity

5.9MEDIUMNVD

EPSS

0.3%

top 51.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedOct 13

Latest updateMay 13

Description

If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can result in an extended denial of service condition. This issue only affects the following platforms: (1) EX2200, EX3300, XRE200 (2) MX Series routers with MPC7E/8E/9E PFEs installed, and only if 'extended-statistics' are enab…

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

▶juniperjuniper/mx_series

▶CVEListV5juniper_networks/junos_os11 versions+10

▶NVDjuniper/junos11 versions+10

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-g8cj-rj62-g876: If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including bu↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2017-10611: If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including bu↗2017-10-13

▶