cvelistv5 - cve-2017-2300

CVE-2017-2300 (GCVE-0-2017-2300)

Vulnerability from cvelistv5

Published

2017-05-30 14:00

Modified

2024-08-05 13:48

Severity ?

CWE

flowd daemon crash denial of service vulnerability

Summary

References

URL

	Vendor	Product	Version
	Juniper Networks	Junos OS on SRX Series Services Gateways chassis cluster	Version: 12.1X46 prior to 12.1X46-D65 Version: 12.3X48 prior to 12.3X48-D40 Version: 12.3X48 prior to 12.3X48-D60

cnvd-2017-00605

Vulnerability from cnvd

Title

Juniper Junos拒绝服务漏洞（CNVD-2017-00605）

Description

Juniper Junos是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和JunosSDK。 JuniperJunos存在拒绝服务漏洞。攻击者可利用该漏洞造成受影响的设备崩溃并重启（拒绝服务）。

Severity

高

Patch Name

Juniper Junos拒绝服务漏洞（CNVD-2017-00605）的补丁

Patch Description

Juniper Junos是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和JunosSDK。 JuniperJunos存在拒绝服务漏洞。攻击者可利用该漏洞造成受影响的设备崩溃并重启（拒绝服务）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10768&actp=search

Reference

http://www.securityfocus.com/bid/95400

Impacted products

Name
['Juniper Networks JUNOS 15.1X49-D40', 'Juniper Networks JUNOS 15.1X49-D30', 'Juniper Networks JUNOS 15.1X49-D20', 'Juniper Networks JUNOS 15.1X49-D15', 'Juniper Networks JUNOS 15.1X49-D10', 'Juniper Networks JUNOS 12.3X48-D35', 'Juniper Networks JUNOS 12.3X48-D30', 'Juniper Networks JUNOS 12.3X48-D25', 'Juniper Networks JUNOS 12.3X48-D20', 'Juniper Networks JUNOS 12.3X48-D15', 'Juniper Networks JUNOS 12.3X48-D10', 'Juniper Networks JUNOS 12.1X46-D60', 'Juniper Networks JUNOS 12.1X46-D55', 'Juniper Networks JUNOS 12.1X46-D51', 'Juniper Networks JUNOS 12.1X46-D50', 'Juniper Networks JUNOS 12.1X46-D46', 'Juniper Networks JUNOS 12.1X46-D45', 'Juniper Networks JUNOS 12.1X46-D40', 'Juniper Networks JUNOS 12.1X46-D37', 'Juniper Networks JUNOS 12.1X46-D36', 'Juniper Networks JUNOS 12.1X46-D35', 'Juniper Networks JUNOS 12.1X46-D30', 'Juniper Networks JUNOS 12.1X46-D26', 'Juniper Networks JUNOS 12.1X46-D25', 'Juniper Networks JUNOS 12.1X46-D20', 'Juniper Networks JUNOS 12.1X46-D15', 'Juniper Networks JUNOS 12.1X46-D10']

Name

['Juniper Networks JUNOS 15.1X49-D40', 'Juniper Networks JUNOS 15.1X49-D30', 'Juniper Networks JUNOS 15.1X49-D20', 'Juniper Networks JUNOS 15.1X49-D15', 'Juniper Networks JUNOS 15.1X49-D10', 'Juniper Networks JUNOS 12.3X48-D35', 'Juniper Networks JUNOS 12.3X48-D30', 'Juniper Networks JUNOS 12.3X48-D25', 'Juniper Networks JUNOS 12.3X48-D20', 'Juniper Networks JUNOS 12.3X48-D15', 'Juniper Networks JUNOS 12.3X48-D10', 'Juniper Networks JUNOS 12.1X46-D60', 'Juniper Networks JUNOS 12.1X46-D55', 'Juniper Networks JUNOS 12.1X46-D51', 'Juniper Networks JUNOS 12.1X46-D50', 'Juniper Networks JUNOS 12.1X46-D46', 'Juniper Networks JUNOS 12.1X46-D45', 'Juniper Networks JUNOS 12.1X46-D40', 'Juniper Networks JUNOS 12.1X46-D37', 'Juniper Networks JUNOS 12.1X46-D36', 'Juniper Networks JUNOS 12.1X46-D35', 'Juniper Networks JUNOS 12.1X46-D30', 'Juniper Networks JUNOS 12.1X46-D26', 'Juniper Networks JUNOS 12.1X46-D25', 'Juniper Networks JUNOS 12.1X46-D20', 'Juniper Networks JUNOS 12.1X46-D15', 'Juniper Networks JUNOS 12.1X46-D10']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "95400"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2300"
    }
  },
  "description": "Juniper Junos\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunosSDK\u3002\r\n\r\nJuniperJunos\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5d29\u6e83\u5e76\u91cd\u542f\uff08\u62d2\u7edd\u670d\u52a1\uff09\u3002",
  "discovererName": "Juniper Networks, Inc.",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10768\u0026actp=search",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-00605",
  "openTime": "2017-01-19",
  "patchDescription": "Juniper Junos\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunosSDK\u3002\r\n\r\nJuniperJunos\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5d29\u6e83\u5e76\u91cd\u542f\uff08\u62d2\u7edd\u670d\u52a1\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Junos\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-00605\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Juniper Networks JUNOS 15.1X49-D40",
      "Juniper Networks JUNOS 15.1X49-D30",
      "Juniper Networks JUNOS 15.1X49-D20",
      "Juniper Networks JUNOS 15.1X49-D15",
      "Juniper Networks JUNOS 15.1X49-D10",
      "Juniper Networks JUNOS 12.3X48-D35",
      "Juniper Networks JUNOS 12.3X48-D30",
      "Juniper Networks JUNOS 12.3X48-D25",
      "Juniper Networks JUNOS 12.3X48-D20",
      "Juniper Networks JUNOS 12.3X48-D15",
      "Juniper Networks JUNOS 12.3X48-D10",
      "Juniper Networks JUNOS 12.1X46-D60",
      "Juniper Networks JUNOS 12.1X46-D55",
      "Juniper Networks JUNOS 12.1X46-D51",
      "Juniper Networks JUNOS 12.1X46-D50",
      "Juniper Networks JUNOS 12.1X46-D46",
      "Juniper Networks JUNOS 12.1X46-D45",
      "Juniper Networks JUNOS 12.1X46-D40",
      "Juniper Networks JUNOS 12.1X46-D37",
      "Juniper Networks JUNOS 12.1X46-D36",
      "Juniper Networks JUNOS 12.1X46-D35",
      "Juniper Networks JUNOS 12.1X46-D30",
      "Juniper Networks JUNOS 12.1X46-D26",
      "Juniper Networks JUNOS 12.1X46-D25",
      "Juniper Networks JUNOS 12.1X46-D20",
      "Juniper Networks JUNOS 12.1X46-D15",
      "Juniper Networks JUNOS 12.1X46-D10"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/95400",
  "serverity": "\u9ad8",
  "submitTime": "2017-01-16",
  "title": "Juniper Junos\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-00605\uff09"
}

gsd-2017-2300

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-2300

Aliases

CVE-2017-2300

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-2300",
    "description": "On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets.",
    "id": "GSD-2017-2300"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-2300"
      ],
      "details": "On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets.",
      "id": "GSD-2017-2300",
      "modified": "2023-12-13T01:21:05.521437Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "ID": "CVE-2017-2300",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS on SRX Series Services Gateways chassis cluster",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "12.1X46 prior to 12.1X46-D65"
                        },
                        {
                          "version_value": "12.3X48 prior to 12.3X48-D40"
                        },
                        {
                          "version_value": "12.3X48 prior to 12.3X48-D60"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "flowd daemon crash denial of service vulnerability "
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA10768",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA10768"
          },
          {
            "name": "95400",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/95400"
          },
          {
            "name": "1037597",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037597"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:*:d60:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.1x46",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:*:d50:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.3x48",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:*:d35:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.3x48",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2017-2300"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10768",
              "refsource": "CONFIRM",
              "tags": [
                "Mitigation",
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10768"
            },
            {
              "name": "95400",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/95400"
            },
            {
              "name": "1037597",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1037597"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-05-30T14:29Z"
    }
  }
}

fkie_cve-2017-2300

Vulnerability from fkie_nvd

Published

2017-05-30 14:29

Modified

2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
sirt@juniper.net	http://www.securityfocus.com/bid/95400	Third Party Advisory, VDB Entry
sirt@juniper.net	http://www.securitytracker.com/id/1037597
sirt@juniper.net	https://kb.juniper.net/JSA10768	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95400	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037597
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10768	Mitigation, Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	*
juniper	junos	*
juniper	junos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:d60:*:*:*:*:*:*",
              "matchCriteriaId": "754DF870-327A-496A-898C-A7AC31333529",
              "versionEndIncluding": "12.1x46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:d35:*:*:*:*:*:*",
              "matchCriteriaId": "586D4B84-7894-4A7A-87E7-E2D79C16896D",
              "versionEndIncluding": "12.3x48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:d50:*:*:*:*:*:*",
              "matchCriteriaId": "FDDE6EEE-DCD2-4B64-BEF9-3A602D50546F",
              "versionEndIncluding": "12.3x48",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets."
    },
    {
      "lang": "es",
      "value": "En los cl\u00fasteres de tipo chassis de dispositivos Juniper Networks SRX Series Services Gateways que ejecutan el sistema operativo versiones: Junos 12.1X46 anterior a 12.1X46-D65, 12.3X48 anterior a 12.3X48-D40 y12.3X48 anterior a 12.3X48-D60, el demonio flowd en el nodo principal del cl\u00faster, puede bloquearse y reiniciarse al intentar sincronizar una sesi\u00f3n multicast creada mediante paquetes multicast especialmente dise\u00f1ados."
    }
  ],
  "id": "CVE-2017-2300",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-30T14:29:00.597",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95400"
    },
    {
      "source": "sirt@juniper.net",
      "url": "http://www.securitytracker.com/id/1037597"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037597"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10768"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-201705-3364

Vulnerability from variot

On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets. Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash and restart the affected device, denying service to legitimate users. Junos OS is a network operating system dedicated to the company's hardware systems. An attacker could exploit this vulnerability by means of a specially crafted multicast packet to cause a denial of service (the flowd daemon crashes). The following releases are affected: Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3364",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "12.3x48"
      },
      {
        "model": "junos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "12.1x46"
      },
      {
        "model": "junos os",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "12.1x46"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "12.3x48"
      },
      {
        "model": "junos 15.1x49-d40",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 15.1x49-d30",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 15.1x49-d20",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 15.1x49-d15",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 15.1x49-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.3x48-d35",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.3x48-d30",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.3x48-d25",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.3x48-d20",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.3x48-d15",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.3x48-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d60",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d55",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d51",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d50",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d46",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d45",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d40",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d37",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d36",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d35",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d30",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d26",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d25",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d20",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d15",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 15.1x49-d60",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.3x48-d40",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d65",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "95400"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:juniper:junos",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "95400"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2300",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-2300",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-110503",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-2300",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2300",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-2300",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201701-319",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110503",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110503"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets. Juniper Junos is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash and restart the affected device, denying service to legitimate users. Junos OS is a network operating system dedicated to the company\u0027s hardware systems. An attacker could exploit this vulnerability by means of a specially crafted multicast packet to cause a denial of service (the flowd daemon crashes). The following releases are affected: Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2300"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "BID",
        "id": "95400"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110503"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2300",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "95400",
        "trust": 2.0
      },
      {
        "db": "JUNIPER",
        "id": "JSA10768",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1037597",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-110503",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110503"
      },
      {
        "db": "BID",
        "id": "95400"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "id": "VAR-201705-3364",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110503"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:01:09.894000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10768",
        "trust": 0.8,
        "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10768\u0026actp=METADATA"
      },
      {
        "title": "Juniper Junos Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66981"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-19",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110503"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/95400"
      },
      {
        "trust": 1.7,
        "url": "https://kb.juniper.net/jsa10768"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1037597"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2300"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2300"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/us/en/products-services/nos/junos/"
      },
      {
        "trust": 0.3,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10768\u0026actp=search"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110503"
      },
      {
        "db": "BID",
        "id": "95400"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-110503"
      },
      {
        "db": "BID",
        "id": "95400"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110503"
      },
      {
        "date": "2017-01-11T00:00:00",
        "db": "BID",
        "id": "95400"
      },
      {
        "date": "2017-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "date": "2017-01-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      },
      {
        "date": "2017-05-30T14:29:00.597000",
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110503"
      },
      {
        "date": "2017-01-23T06:05:00",
        "db": "BID",
        "id": "95400"
      },
      {
        "date": "2017-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      },
      {
        "date": "2024-11-21T03:23:14.340000",
        "db": "NVD",
        "id": "CVE-2017-2300"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Networks SRX Runs on a series service gateway chassis cluster  Junos OS Data processing vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004598"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201701-319"
      }
    ],
    "trust": 0.6
  }
}

ghsa-q4mm-jww3-53jr

Vulnerability from github

Published

2022-05-13 01:44

Modified

2022-05-13 01:44

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-2300"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-30T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets.",
  "id": "GHSA-q4mm-jww3-53jr",
  "modified": "2022-05-13T01:44:43Z",
  "published": "2022-05-13T01:44:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2300"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10768"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95400"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037597"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2017-AVI-012

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Juniper QFX3500, QFX3600, QFX5100, QFX5200, EX4300 et EX4600 exécutant Junos OS avec des versions antérieures à 4.1X53-D40, 15.1X53-D40, 15.1R2
Juniper Networks	Junos Space	Junos Space versions antérieures à 16.1R1
Juniper Networks	Junos OS	Tout produit Juniper avec RIP activé et exécutant Junos OS avec des versions antérieures à 12.1X46-D50, 12.1X47-D40, 12.3R13, 12.3X48-D30, 13.2X51-D40, 13.3R10, 14.1R8, 14.1X53-D35, 14.1X55-D35, 14.2R5, 15.1F6, 15.1R3, 15.1X49-D30, 15.1X49-D40, 15.1X53-D35, 16.1R1
Juniper Networks	Junos OS	Tout produit Juniper exécutant Junos OS avec des versions antérieures à 12.1X46-D55, 12.1X47-D45, 12.3R13, 12.3X48-D35, 13.3R10, 14.1R8, 14.1X53-D40, 14.1X55-D35, 14.2R6, 15.1R1, 15.1X49-D20
Juniper Networks	Junos OS	Tout produit Juniper avec DHCPv6 activé et exécutant Junos OS avec des versions antérieures à 11.4R13-S3, 12.1X46-D60, 12.3R12-S2, 12.3R13, 12.3X48-D40, 13.2X51-D40, 13.3R10, 14.1R8, 14.1X53-D12, 14.1X53-D35, 14.1X55-D35, 14.2R7, 15.1F6, 15.1R3, 15.1X49-D60, 15.1X53-D30, 16.1R1
Juniper Networks	Junos OS	Juniper SRX Series Services Gateway chassis cluster avec PIM activé exécutant Junos OS avec des versions antérieures à 12.1X46-D65, 12.3X48-D40, 15.1X49-D60
Juniper Networks	N/A	Juniper NSM3000, NSM4000 et NSMExpress sans le correctif de sécurité NSM Appliance Upgrade Package v3

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-2300 (GCVE-0-2017-2300)

Vulnerability from cvelistv5

cnvd-2017-00605

Vulnerability from cnvd

gsd-2017-2300

Vulnerability from gsd

fkie_cve-2017-2300

Vulnerability from fkie_nvd

var-201705-3364

Vulnerability from variot

ghsa-q4mm-jww3-53jr

Vulnerability from github

CERTFR-2017-AVI-012

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature