CVE-2017-2342 — Missing Report of Error Condition in Networks Junos OS

CWE-392 — Missing Report of Error Condition3 documents3 sources

Severity

8.1HIGHNVD

EPSS

0.1%

top 71.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedJul 17

Latest updateMay 13

Description

MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. It falls back to an unencrypted link. This can happen when MACsec is configured on ports that are not capable of MACsec or when a secure link can not be established. This can mislead customers into believing that a link is secure. On SRX 300 series devices, prior to 15.1X49-D100, MACsec was only supported on control and fabric ports of SRX34…

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.8 | Impact: 5.2

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os15.1X49 prior to 15.1X49-D100

▶juniperjuniper/srx_series

▶NVDjuniper/junos15.1x49

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-c2jv-35gj-wg4v: MACsec feature on Juniper Networks Junos OS 15↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2017-2342: MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be establ↗2017-07-17

▶