ID

VAR-201710-0250


CVE

CVE-2017-10618


TITLE

Juniper Networks Junos OS Vulnerabilities related to security functions

Trust: 0.8

sources: JVNDB: JVNDB-2017-009389

DESCRIPTION

When the 'bgp-error-tolerance' feature, designed to help mitigate remote session resets from malformed path attributes, is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart. Devices with BGP enabled that do not have 'bgp-error-tolerance' configured are not vulnerable to this issue.

Affected releases are Juniper Networks Junos OS 13.3 prior to 13.3R10-S2; 14.1 prior to 14.1R8-S4, 14.1R9; 14.1X50 prior to 14.1X50-D185; 14.1X53 prior to 14.1X53-D45, 14.1X53-D50; 14.2 prior to 14.2R7-S7, 14.2R8; 15.1 prior to 15.1F5-S8, 15.1F6-S7, 15.1R5-S6, 15.1R6-S2, 15.1R7; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D64, 15.1X53-D70; 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R5; 16.2 prior to 16.2R1-S5, 16.2R2; 17.1 prior to 17.1R1-S3, 17.1R2; 17.2 prior to 17.2R1-S2, 17.2R2; 17.2X75 prior to 17.2X75-D50. No other Juniper Networks products or platforms are affected by this issue.

Juniper Networks Junos OS contains vulnerabilities related to security features. A service operation interruption (DoS) state is possible. The operating system provides a secure programming interface and Junos SDK. The following versions are affected: Juniper Networks Junos OS Release 13.3, Release 14.1, Release 14.1X50, Release 14.1X53, Release 14.2, Release 15.1, Release 15.1X49, Release 15.1X53, Release 16.1, Release 16.2, Release 17.1, Release 17.2, Release 17.2X75.

Trust: 1.71

sources: NVD: CVE-2017-10618 // JVNDB: JVNDB-2017-009389 // VULHUB: VHN-100958

AFFECTED PRODUCTS

vendor: juniper // model: junos // scope: eq // version: 16.2

Trust: 1.6

vendor: juniper // model: junos // scope: eq // version: 17.1

Trust: 1.6

vendor: juniper // model: junos // scope: eq // version: 16.1

Trust: 1.6

vendor: juniper // model: junos // scope: eq // version: 17.2

Trust: 1.6

vendor: juniper // model: junos // scope: eq // version: 15.1x53

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 17.2x75

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 14.1x53

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 15.1

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 15.1x49

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 14.1x50

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 14.2

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 13.3

Trust: 1.0

vendor: juniper // model: junos // scope: eq // version: 14.1

Trust: 1.0

vendor: juniper // model: junos os // scope: eq // version: 15.1r7

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 13.3r10-s2

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 15.1f5-s8

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 17.1r1-s3

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 16.2r2

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 14.1r8-s4

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 14.1x53-d50

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 15.1r5-s6

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 15.1x49-d100

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 16.2

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 16.1r3-s4

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 14.2

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 14.2r7-s7

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 13.3

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 15.1f6-s7

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 17.2

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 14.1x53

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 17.2x75

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 15.1x53-d70

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 14.1

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 16.2r1-s5

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 14.2r8

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 16.1r5

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 16.1

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 17.2r1-s2

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 17.2r2

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 17.2x75-d50

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 17.1

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 14.1x53-d45

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 15.1x49

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 15.1x53

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 14.1x50

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 14.1x50-d185

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 16.1r4-s3

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 15.1r6-s2

Trust: 0.8

vendor: juniper // model: junos os // scope: lt // version: 15.1

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 14.1r9

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 17.1r2

Trust: 0.8

vendor: juniper // model: junos os // scope: eq // version: 15.1x53-d64

Trust: 0.8

sources: JVNDB: JVNDB-2017-009389 // CNNVD: CNNVD-201710-509 // NVD: CVE-2017-10618

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-10618
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2017-10618
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-10618
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201710-509
value: MEDIUM

Trust: 0.6

VULHUB: VHN-100958
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-10618
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-100958
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-10618
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-100958 // JVNDB: JVNDB-2017-009389 // CNNVD: CNNVD-201710-509 // NVD: CVE-2017-10618 // NVD: CVE-2017-10618

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-254

Trust: 0.9

sources: VULHUB: VHN-100958 // JVNDB: JVNDB-2017-009389 // NVD: CVE-2017-10618

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-509

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201710-509

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-009389

PATCH

title: Understanding Error Handling for BGP Update Messages // url: https://www.juniper.net/documentation/en_US/junos/topics/concept/bgp-error-handling-overview.html

Trust: 0.8

title: bgp-error-tolerance (Protocols BGP) // url: https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/bgp-error-tolerance.html

Trust: 0.8

title: JSA10820 // url: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10820&actp=METADATA

Trust: 0.8

title: Juniper Junos OS Security vulnerabilities // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75545

Trust: 0.6

sources: JVNDB: JVNDB-2017-009389 // CNNVD: CNNVD-201710-509

EXTERNAL IDS

db: NVD // id: CVE-2017-10618

Trust: 2.5

db: JUNIPER // id: JSA10820

Trust: 1.7

db: JVNDB // id: JVNDB-2017-009389

Trust: 0.8

db: CNNVD // id: CNNVD-201710-509

Trust: 0.7

db: VULHUB // id: VHN-100958

Trust: 0.1

sources: VULHUB: VHN-100958 // JVNDB: JVNDB-2017-009389 // CNNVD: CNNVD-201710-509 // NVD: CVE-2017-10618

REFERENCES

url:https://kb.juniper.net/jsa10820

Trust: 1.7

url:https://www.juniper.net/documentation/en_us/junos/topics/concept/bgp-error-handling-overview.html

Trust: 1.7

url:https://www.juniper.net/documentation/en_us/junos/topics/reference/configuration-statement/bgp-error-tolerance.html

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10618

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-10618

Trust: 0.8

sources: VULHUB: VHN-100958 // JVNDB: JVNDB-2017-009389 // CNNVD: CNNVD-201710-509 // NVD: CVE-2017-10618

SOURCES

db: VULHUB // id: VHN-100958
db: JVNDB // id: JVNDB-2017-009389
db: CNNVD // id: CNNVD-201710-509
db: NVD // id: CVE-2017-10618

LAST UPDATE DATE

2024-08-14T15:44:20.287000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-100958 // date: 2019-10-09T00:00:00
db: JVNDB // id: JVNDB-2017-009389 // date: 2017-11-10T00:00:00
db: CNNVD // id: CNNVD-201710-509 // date: 2019-10-17T00:00:00
db: NVD // id: CVE-2017-10618 // date: 2019-10-09T23:21:41.777

SOURCES RELEASE DATE

db: VULHUB // id: VHN-100958 // date: 2017-10-13T00:00:00
db: JVNDB // id: JVNDB-2017-009389 // date: 2017-11-10T00:00:00
db: CNNVD // id: CNNVD-201710-509 // date: 2017-10-18T00:00:00
db: NVD // id: CVE-2017-10618 // date: 2017-10-13T17:29:00.863