PT-2017-11409 · Juniper Networks · Junos
Published
2017-10-13
·
Updated
2019-10-09
·
CVE-2017-10613
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS versions 12.1X46 prior to 12.1X46-D55
Juniper Networks Junos OS versions 12.3X48 prior to 12.3X48-D35
Juniper Networks Junos OS versions 14.1 prior to 14.1R8-S4, 14.1R9
Juniper Networks Junos OS versions 14.1X53 prior to 14.1X53-D40
Juniper Networks Junos OS versions 14.2 prior to 14.2R4-S9, 14.2R7-S8, 14.2R8
Juniper Networks Junos OS versions 15.1 prior to 15.1F5-S3, 15.1F6, 15.1R4
Juniper Networks Junos OS versions 15.1X49 prior to 15.1X49-D60
Juniper Networks Junos OS versions 15.1X53 prior to 15.1X53-D47
Juniper Networks Junos OS versions 16.1 prior to 16.1R2
Description
A vulnerability in a specific loopback filter action command in Juniper Networks Junos OS allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface to hang the kernel.
Recommendations
For versions 12.1X46 prior to 12.1X46-D55, update to 12.1X46-D55 or later.
For versions 12.3X48 prior to 12.3X48-D35, update to 12.3X48-D35 or later.
For versions 14.1 prior to 14.1R8-S4, 14.1R9, update to 14.1R8-S4, 14.1R9 or later.
For versions 14.1X53 prior to 14.1X53-D40, update to 14.1X53-D40 or later.
For versions 14.2 prior to 14.2R4-S9, 14.2R7-S8, 14.2R8, update to 14.2R4-S9, 14.2R7-S8, 14.2R8 or later.
For versions 15.1 prior to 15.1F5-S3, 15.1F6, 15.1R4, update to 15.1F5-S3, 15.1F6, 15.1R4 or later.
For versions 15.1X49 prior to 15.1X49-D60, update to 15.1X49-D60 or later.
For versions 15.1X53 prior to 15.1X53-D47, update to 15.1X53-D47 or later.
For versions 16.1 prior to 16.1R2, update to 16.1R2 or later.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos