CVE-2017-2314
Junos: RPD crash due to malformed BGP OPEN message
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. By continuously sending specially crafted BGP OPEN messages, an attacker can repeatedly crash the rpd process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4; 12.3X48 prior to 12.3X48-D50; 13.3 prior to 13.3R4-S11, 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7; 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D33, 15.1X53-D50.
La recepción de un mensaje BGP OPEN malformado puede causar que el proceso routing protocol daemon (rpd) se bloquee y reinicie. Mediante el envío continuo de mensajes BGP OPEN especialmente creados, un atacante puede bloquear repetidamente el proceso rpd causando una denegación de servicio prolongada. Ningún otro producto o plataforma de Juniper Networks está afectada por este problema. Las versiones afectadas son Juniper Networks Junos OS versión 12.3 anterior a 12.3R12-S4, 12.3R13 y 12.3R3-S4; versión 12.3X48 anterior a 12.3X48-D50; versión 13.3 anterior a 13.3R4-S11 y 13.3R10; versión 14.1 anterior a 14.1R8-S3 y 14.1R9; versión 14.1X53 anterior a 14.1X53-D40; versión 14.1X55 anterior a 14.1X55-D35; versión 14.2 anterior a 14.2R4-S7, 14.2R6-S4 y 14.2R7; versión 15.1 anterior a 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6 y 15.1R4; versión 15.1X49 anterior a 15.1X49-D100; versión 15.1X53 anterior a 15.1X53-D33 y 15.1X53-D50.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-12-01 CVE Reserved
- 2017-07-14 CVE Published
- 2023-05-24 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1038889 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kb.juniper.net/JSA10779 | 2020-02-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r10 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r11 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r12 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r7 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r8 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3 Search vendor "Juniper" for product "Junos" and version "12.3" | r9 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d10 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d15 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d20 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d25 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d30 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d35 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d40 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 12.3x48 Search vendor "Juniper" for product "Junos" and version "12.3x48" | d45 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r7 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1 Search vendor "Juniper" for product "Junos" and version "14.1" | r8 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | d15 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | d16 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | d25 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | d26 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | d27 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | d30 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x53 Search vendor "Juniper" for product "Junos" and version "14.1x53" | d35 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.2 Search vendor "Juniper" for product "Junos" and version "14.2" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.2 Search vendor "Juniper" for product "Junos" and version "14.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.2 Search vendor "Juniper" for product "Junos" and version "14.2" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.2 Search vendor "Juniper" for product "Junos" and version "14.2" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.2 Search vendor "Juniper" for product "Junos" and version "14.2" | r4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.2 Search vendor "Juniper" for product "Junos" and version "14.2" | r5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.2 Search vendor "Juniper" for product "Junos" and version "14.2" | r6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 13.3 Search vendor "Juniper" for product "Junos" and version "13.3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 13.3 Search vendor "Juniper" for product "Junos" and version "13.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 13.3 Search vendor "Juniper" for product "Junos" and version "13.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 13.3 Search vendor "Juniper" for product "Junos" and version "13.3" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 13.3 Search vendor "Juniper" for product "Junos" and version "13.3" | r9 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 14.1x55 Search vendor "Juniper" for product "Junos" and version "14.1x55" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d10 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d20 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d30 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d35 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d40 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d45 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d50 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d55 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d60 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d65 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d70 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d75 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d80 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d90 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x53 Search vendor "Juniper" for product "Junos" and version "15.1x53" | d10 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x53 Search vendor "Juniper" for product "Junos" and version "15.1x53" | d20 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x53 Search vendor "Juniper" for product "Junos" and version "15.1x53" | d21 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x53 Search vendor "Juniper" for product "Junos" and version "15.1x53" | d30 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x53 Search vendor "Juniper" for product "Junos" and version "15.1x53" | d32 |
Affected
| ||||||