ID

VAR-201710-0242


CVE

CVE-2017-10610


TITLE

Juniper Networks Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-009381

DESCRIPTION

On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. Repeated crashes of the flowd process constitute an extended denial of service condition for the SRX Series device. This issue only occurs if NAT64 is configured. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D71, 12.3X48 prior to 12.3X48-D55, 15.1X49 prior to 15.1X49-D100 on SRX Series. No other Juniper Networks products or platforms are affected by this issue. Juniper Networks Junos OS contains an input validation vulnerability. A service operation interruption (DoS) may result. Junos OS is a set of operating systems running on it

Trust: 1.71

sources: NVD: CVE-2017-10610 // JVNDB: JVNDB-2017-009381 // VULHUB: VHN-100950

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 12.3x48

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 15.1x49

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 12.1x46

Trust: 1.0

vendor: juniper, model: junos os, scope: eq, version: 15.1x49-d100

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 12.1x46 (srx series)

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 15.1x49 (srx series)

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 12.1x46-d71

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 12.3x48 (srx series)

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 12.3x48-d55

Trust: 0.8

sources: JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-10610
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2017-10610
value: HIGH

Trust: 1.0

NVD: CVE-2017-10610
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201710-517
value: MEDIUM

Trust: 0.6

VULHUB: VHN-100950
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-10610
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-100950
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-10610
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sirt@juniper.net: CVE-2017-10610
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610 // NVD: CVE-2017-10610

PROBLEMTYPE DATA

problemtype: CWE-20

Trust: 1.9

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // NVD: CVE-2017-10610

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-517

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201710-517

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-009381

PATCH

title: Configuring Stateful NAT64, url: https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/nat-stateful-nat64-configuring.html

Trust: 0.8

title: JSA10813, url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10813&actp=METADATA

Trust: 0.8

title: Juniper SRX Series equipment Junos OS Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75553

Trust: 0.6

sources: JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517

EXTERNAL IDS

db: NVD, id: CVE-2017-10610

Trust: 2.5

db: JUNIPER, id: JSA10813

Trust: 1.7

db: JVNDB, id: JVNDB-2017-009381

Trust: 0.8

db: CNNVD, id: CNNVD-201710-517

Trust: 0.7

db: VULHUB, id: VHN-100950

Trust: 0.1

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610

REFERENCES

url:https://kb.juniper.net/jsa10813

Trust: 1.7

url:https://www.juniper.net/documentation/en_us/junos/topics/task/configuration/nat-stateful-nat64-configuring.html

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10610

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-10610

Trust: 0.8

sources: VULHUB: VHN-100950 // JVNDB: JVNDB-2017-009381 // CNNVD: CNNVD-201710-517 // NVD: CVE-2017-10610

SOURCES

db: VULHUB, id: VHN-100950
db: JVNDB, id: JVNDB-2017-009381
db: CNNVD, id: CNNVD-201710-517
db: NVD, id: CVE-2017-10610

LAST UPDATE DATE

2024-08-14T14:27:03.228000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-100950, date: 2019-10-09T00:00:00
db: JVNDB, id: JVNDB-2017-009381, date: 2017-11-09T00:00:00
db: CNNVD, id: CNNVD-201710-517, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2017-10610, date: 2019-10-09T23:21:40.010

SOURCES RELEASE DATE

db: VULHUB, id: VHN-100950, date: 2017-10-13T00:00:00
db: JVNDB, id: JVNDB-2017-009381, date: 2017-11-09T00:00:00
db: CNNVD, id: CNNVD-201710-517, date: 2017-10-18T00:00:00
db: NVD, id: CVE-2017-10610, date: 2017-10-13T17:29:00.567