Sign-up

ID

VAR-201710-0253


CVE

CVE-2017-10621


TITLE

Juniper Networks Junos OS Vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2017-009397

DESCRIPTION

A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D50; 14.1 prior to 14.1R8-S5, 14.1R9; 14.1X53 prior to 14.1X53-D50; 14.2 prior to 14.2R7-S9, 14.2R8; 15.1 prior to 15.1F2-S16, 15.1F5-S7, 15.1F6-S6, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D90; 15.1X53 prior to 15.1X53-D47; 16.1 prior to 16.1R4-S1, 16.1R5; 16.2 prior to 16.2R1-S3, 16.2R2;. Juniper Networks Junos OS Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. The following releases are affected: Juniper Junos OS Release 12.1X46, Release 12.3X48, Release 14.1, Release 14.1X53, Release 14.2, Release 15.1, Release 15.1X49, Release 15.1X53, Release 16.1, Release 16.2

Trust: 1.71

sources: NVD: CVE-2017-10621 // JVNDB: JVNDB-2017-009397 // VULHUB: VHN-100962

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:15.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:14.2

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:16.2

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:16.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.3x48

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:14.1x53

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:15.1x53

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:14.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x45

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:15.1x49

Trust: 1.6

vendor:junipermodel:junos osscope:eqversion:15.1f5-s7

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.2r7-s9

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1r8-s5

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1f6-s6

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x46-d71

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.3x48

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1r5-s2

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1r6

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:16.2r2

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:16.1r4-s1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1x53-d50

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:16.2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.1x53

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:14.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.2r8

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:16.1r5

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:16.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:16.2r1-s3

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x46

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.3x48-d50

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:15.1x49

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1x49-d90

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:15.1x53

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1f2-s16

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1x53-d47

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:15.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:14.1r9

Trust: 0.8

sources: JVNDB: JVNDB-2017-009397 // CNNVD: CNNVD-201710-506 // NVD: CVE-2017-10621

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-10621
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2017-10621
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-10621
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201710-506
value: MEDIUM

Trust: 0.6

VULHUB: VHN-100962
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-10621
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-100962
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-10621
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-100962 // JVNDB: JVNDB-2017-009397 // CNNVD: CNNVD-201710-506 // NVD: CVE-2017-10621 // NVD: CVE-2017-10621

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-100962 // JVNDB: JVNDB-2017-009397 // NVD: CVE-2017-10621

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-506

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201710-506

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-009397

PATCH
title:JSA10817url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10817&actp=METADATA
Trust: 0.8
title:Juniper Junos OS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75542
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-009397 // 
            
            
            
            CNNVD: CNNVD-201710-506

EXTERNAL IDS
db:NVDid:CVE-2017-10621
Trust: 2.5
db:JUNIPERid:JSA10817
Trust: 1.7
db:JVNDBid:JVNDB-2017-009397
Trust: 0.8
db:CNNVDid:CNNVD-201710-506
Trust: 0.7
db:VULHUBid:VHN-100962
Trust: 0.1
sources:
            
            
            VULHUB: VHN-100962 // 
            
            
            
            JVNDB: JVNDB-2017-009397 // 
            
            
            
            CNNVD: CNNVD-201710-506 // 
            
            
            
            NVD: CVE-2017-10621

REFERENCES
url:https://kb.juniper.net/jsa10817
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10621
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-10621
Trust: 0.8
sources:
            
            
            VULHUB: VHN-100962 // 
            
            
            
            JVNDB: JVNDB-2017-009397 // 
            
            
            
            CNNVD: CNNVD-201710-506 // 
            
            
            
            NVD: CVE-2017-10621

SOURCES
db:VULHUBid:VHN-100962
db:JVNDBid:JVNDB-2017-009397
db:CNNVDid:CNNVD-201710-506
db:NVDid:CVE-2017-10621

LAST UPDATE DATE
2024-11-23T23:02:21.077000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-100962date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2017-009397date:2017-11-10T00:00:00
db:CNNVDid:CNNVD-201710-506date:2019-10-17T00:00:00
db:NVDid:CVE-2017-10621date:2024-11-21T03:06:13.803

SOURCES RELEASE DATE
db:VULHUBid:VHN-100962date:2017-10-13T00:00:00
db:JVNDBid:JVNDB-2017-009397date:2017-11-10T00:00:00
db:CNNVDid:CNNVD-201710-506date:2017-10-18T00:00:00
db:NVDid:CVE-2017-10621date:2017-10-13T17:29:00.973