PT-2017-11405 · Juniper Networks · Srx+1
Published: 2017-10-13 · Updated: 2019-10-09 · CVE-2017-10608
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS versions 12.1X46 prior to 12.1X46-D55 on SRX
Juniper Networks Junos OS versions 12.1X47 prior to 12.1X47-D45 on SRX
Juniper Networks Junos OS versions 12.3X48 prior to 12.3X48-D32 on SRX
Juniper Networks Junos OS versions 12.3X48 prior to 12.3X48-D35 on SRX
Juniper Networks Junos OS versions 15.1X49 prior to 15.1X49-D60 on SRX
Description
A denial of service issue exists in the Sun/MS-RPC ALG services component of Junos OS, allowing an attacker to cause a repeated denial of service against the target. This issue affects IPv6 traffic and can cause the flowd daemon to halt traffic on all nodes in a cluster. The issue is not related to HA services and only affects Juniper Networks SRX series devices with one or more ALGs enabled.
Recommendations
For Juniper Networks Junos OS versions 12.1X46 prior to 12.1X46-D55 on SRX, update to version 12.1X46-D55 or later.
For Juniper Networks Junos OS versions 12.1X47 prior to 12.1X47-D45 on SRX, update to version 12.1X47-D45 or later.
For Juniper Networks Junos OS versions 12.3X48 prior to 12.3X48-D32 on SRX, update to version 12.3X48-D32 or later.
For Juniper Networks Junos OS versions 12.3X48 prior to 12.3X48-D35 on SRX, update to version 12.3X48-D35 or later.
For Juniper Networks Junos OS versions 15.1X49 prior to 15.1X49-D60 on SRX, update to version 15.1X49-D60 or later.
Fix
DoS
Resource Exhaustion
Affected Products
Junos
Srx