Details of VAR-201710-0242

ID

VAR-201710-0242

CVE

CVE-2017-10610

TITLE

Juniper Networks Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-009381

DESCRIPTION

On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. Repeated crashes of the flowd process constitutes an extended denial of service condition for the SRX Series device. This issue only occurs if NAT64 is configured. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D71, 12.3X48 prior to 12.3X48-D55, 15.1X49 prior to 15.1X49-D100 on SRX Series. No other Juniper Networks products or platforms are affected by this issue. Juniper Networks Junos OS Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Junos OS is a set of operating systems running on it

Trust: 1.71

sources: NVD: CVE-2017-10610 // JVNDB: JVNDB-2017-009381 // VULHUB: VHN-100950

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	12.3x48	Trust: 1.6
vendor:	juniper	model:	junos	scope:	eq	version:	15.1x49	Trust: 1.6
vendor:	juniper	model:	junos	scope:	eq	version:	12.1x46	Trust: 1.0
vendor:	juniper	model:	junos os	scope:	eq	version:	15.1x49-d100	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	12.1x46 (srx series )	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	15.1x49 (srx series )	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	12.1x46-d71	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	12.3x48 (srx series )	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	12.3x48-d55	Trust: 0.8

sources: JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-10610
value:	MEDIUM
Trust: 1.0
sirt@juniper.net:	CVE-2017-10610
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-10610
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201710-517
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-100950
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-10610
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-100950
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-10610
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.0
Trust: 1.8
sirt@juniper.net:	CVE-2017-10610
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610 // NVD: CVE-2017-10610

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // NVD: CVE-2017-10610

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-517

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201710-517

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-009381

PATCH

title:	Configuring Stateful NAT64	url:	https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/nat-stateful-nat64-configuring.html	Trust: 0.8
title:	JSA10813	url:	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10813&actp=METADATA	Trust: 0.8
title:	Juniper SRX Series equipment Junos OS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75553	Trust: 0.6

sources: JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517

EXTERNAL IDS

db:	NVD	id:	CVE-2017-10610	Trust: 2.5
db:	JUNIPER	id:	JSA10813	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-009381	Trust: 0.8
db:	CNNVD	id:	CNNVD-201710-517	Trust: 0.7
db:	VULHUB	id:	VHN-100950	Trust: 0.1

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610

REFERENCES

url:	https://kb.juniper.net/jsa10813	Trust: 1.7
url:	https://www.juniper.net/documentation/en_us/junos/topics/task/configuration/nat-stateful-nat64-configuring.html	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10610	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-10610	Trust: 0.8

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610

SOURCES

db:	VULHUB	id:	VHN-100950
db:	JVNDB	id:	JVNDB-2017-009381
db:	CNNVD	id:	CNNVD-201710-517
db:	NVD	id:	CVE-2017-10610

LAST UPDATE DATE

2024-08-14T14:27:03.228000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-100950	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2017-009381	date:	2017-11-09T00:00:00
db:	CNNVD	id:	CNNVD-201710-517	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-10610	date:	2019-10-09T23:21:40.010

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-100950	date:	2017-10-13T00:00:00
db:	JVNDB	id:	JVNDB-2017-009381	date:	2017-11-09T00:00:00
db:	CNNVD	id:	CNNVD-201710-517	date:	2017-10-18T00:00:00
db:	NVD	id:	CVE-2017-10610	date:	2017-10-13T17:29:00.567