PT-2017-11406 · Juniper Networks · Junos

Published

2017-10-13

Updated

2019-10-09

CVE-2017-10610

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 12.1X46-D71 Junos OS versions prior to 12.3X48-D55 Junos OS versions prior to 15.1X49-D100 on SRX Series

Description A crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash, leading to an extended denial of service condition for the SRX Series device. This issue only occurs if NAT64 is configured.

Recommendations For Junos OS versions prior to 12.1X46-D71, update to 12.1X46-D71 or later. For Junos OS versions prior to 12.3X48-D55, update to 12.3X48-D55 or later. For Junos OS versions prior to 15.1X49-D100 on SRX Series, update to 15.1X49-D100 or later.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-10610

Affected Products

Junos

PT-2017-11406 · Juniper Networks · Junos

CVE-2017-10610

Weakness Enumeration

Related Identifiers

Affected Products

References · 4