CVE-2017-2300 — Juniper Junos vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.5%

top 32.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Junos Juniper Networks Junos OS ON SRX Series Services Gateways Chassis Cluster Juniper Junos OS +1 more

Timeline

PublishedMay 30

Latest updateMay 13

Description

On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os_on_srx_series_services_gateways_chassis_cluster12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60+2

▶juniperjuniper/srx_series

▶NVDjuniper/junos12.1x46+1

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-q4mm-jww3-53jr: On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2017-2300: On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48↗2017-05-30

▶