CVE-2017-2314

Name of the Vulnerable Software and Affected Versions Junos OS versions 12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4 Junos OS versions 12.3X48 prior to 12.3X48-D50 Junos OS versions 13.3 prior to 13.3R4-S11, 13.3R10 Junos OS versions 14.1 prior to 14.1R8-S3, 14.1R9 Junos OS versions 14.1X53 prior to 14.1X53-D40 Junos OS versions 14.1X55 prior to 14.1X55-D35 Junos OS versions 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7 Junos OS versions 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4 Junos OS versions 15.1X49 prior to 15.1X49-D100 Junos OS versions 15.1X53 prior to 15.1X53-D33, 15.1X53-D50

Description Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. By continuously sending specially crafted BGP OPEN messages, an attacker can repeatedly crash the rpd process, causing prolonged denial of service.

Recommendations For Junos OS versions 12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4, update to 12.3R12-S4, 12.3R13, or 12.3R3-S4 or later. For Junos OS versions 12.3X48 prior to 12.3X48-D50, update to 12.3X48-D50 or later. For Junos OS versions 13.3 prior to 13.3R4-S11, 13.3R10, update to 13.3R4-S11 or 13.3R10 or later. For Junos OS versions 14.1 prior to 14.1R8-S3, 14.1R9, update to 14.1R8-S3 or 14.1R9 or later. For Junos OS versions 14.1X53 prior to 14.1X53-D40, update to 14.1X53-D40 or later. For Junos OS versions 14.1X55 prior to 14.1X55-D35, update to 14.1X55-D35 or later. For Junos OS versions 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7, update to 14.2R4-S7, 14.2R6-S4, or 14.2R7 or later. For Junos OS versions 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4, update to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, or 15.1R4 or later. For Junos OS versions 15.1X49 prior to 15.1X49-D100, update to 15.1X49-D100 or later. For Junos OS versions 15.1X53 prior to 15.1X53-D33, 15.1X53-D50, update to 15.1X53-D33 or 15.1X53-D50 or later.