PT-2017-1973 · Juniper Networks · Junos

Published: 2017-04-24 · Updated: 2017-07-11 · CVE-2017-2313

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Junos OS versions prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6

Junos OS versions 15.1X49 prior to 15.1X49-D78, 15.1X49-D80

Junos OS versions 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70

Junos OS versions 16.1 prior to 16.1R3-S3, 16.1R4

Junos OS versions 16.2 prior to 16.2R1-S3, 16.2R2

Description

The issue is caused by insufficient input validation in the Junos OS, which can be exploited by a remote attacker to cause a crash and restart of the device or a denial of service condition through the routing process daemon. Repeated crashes of the rpd daemon can result in an extended denial of service condition.

Recommendations

For Junos OS versions prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6, update to a fixed version.

For Junos OS versions 15.1X49 prior to 15.1X49-D78, 15.1X49-D80, update to a fixed version.

For Junos OS versions 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70, update to a fixed version.

For Junos OS versions 16.1 prior to 16.1R3-S3, 16.1R4, update to a fixed version.

For Junos OS versions 16.2 prior to 16.2R1-S3, 16.2R2, update to a fixed version.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

BDU:2017-01133
CVE-2017-2313

Affected Products

Junos