CVE-2017-2347

Name of the Vulnerable Software and Affected Versions Junos OS versions 12.3X48 prior to 12.3X48-D50, 12.3X48-D55 Junos OS versions 13.3 prior to 13.3R10 Junos OS versions 14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9 Junos OS versions 14.1X53 prior to 14.1X53-D42, 14.1X53-D50 Junos OS versions 14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8 Junos OS versions 15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6 Junos OS versions 15.1X49 prior to 15.1X49-D100 Junos OS versions 15.1X53 prior to 15.1X53-D105, 15.1X53-D47, 15.1X53-D62, 15.1X53-D70 Junos OS versions 16.1 prior to 16.1R3-S3, 16.1R4

Description A denial of service issue in the rpd daemon of Juniper Networks Junos OS can be triggered by a malformed MPLS ping packet when MPLS OAM is configured, causing the rpd daemon to crash. Repeated crashes can lead to an extended denial of service condition for the device.

Recommendations For Junos OS versions 12.3X48 prior to 12.3X48-D50, 12.3X48-D55, update to version 12.3X48-D50 or later. For Junos OS versions 13.3 prior to 13.3R10, update to version 13.3R10 or later. For Junos OS versions 14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9, update to version 14.1R4-S13, 14.1R8-S3, or 14.1R9 or later. For Junos OS versions 14.1X53 prior to 14.1X53-D42, 14.1X53-D50, update to version 14.1X53-D42 or later. For Junos OS versions 14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8, update to version 14.2R4-S8, 14.2R7-S6, or 14.2R8 or later. For Junos OS versions 15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6, update to version 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, or 15.1R6 or later. For Junos OS versions 15.1X49 prior to 15.1X49-D100, update to version 15.1X49-D100 or later. For Junos OS versions 15.1X53 prior to 15.1X53-D105, 15.1X53-D47, 15.1X53-D62, 15.1X53-D70, update to version 15.1X53-D105 or later. For Junos OS versions 16.1 prior to 16.1R3-S3, 16.1R4, update to version 16.1R3-S3 or 16.1R4 or later.