CVE-2017-2315

Published Apr 24, 2017

Last updated 3 months ago

CVSS high 7.5

Overview

Description: On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. A malicious network-based packet flood of these crafted IPv6 NDP packets may eventually lead to resource exhaustion and a denial of service. The affected Junos OS versions are: 12.3 prior to 12.3R12-S4, 12.3R13; 13.3 prior to 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior ro 14.1X53-D12, 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R6-S4, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1R5; 16.1 before 16.1R3; 16.2 before 16.2R1-S3, 16.2R2. 17.1R1 and all subsequent releases have a resolution for this vulnerability.
Source: sirt@juniper.net
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-772

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "661B4C1E-DB85-4EB0-B26F-F6496CEF0AA6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0DD051A-E486-4A9D-A978-A5A980AAF237"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4ED9ACC-B6BA-4128-8934-759BB9EC904F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E69DD769-0C8F-4DCE-9F65-411A8CB85322"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C240840-A6BC-4E3D-A60D-22F08E67E2B2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC90563F-6BCB-4D77-8FD4-584E3A6C7741"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:r9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AD03BA7-D9EC-420F-97C4-383F79D6873F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FF9FF91-9184-4D18-8288-9110E35F4AE5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F2E537B-9504-4912-B231-0D83F4459469"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BCB3837-DCBC-4997-B63E-E47957584709"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C88E2B1-469B-442B-9FC0-7C9408CE3917"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FB5A368-E582-4DFD-87B4-C887DA908E47"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70ED0B93-2CFC-474F-B199-F78E1C67E8C7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8D270B6-1681-4EC5-9BC2-1312A50C8E09"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41DB14FA-0D58-4AE4-9324-310290F1F0F1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:r9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5617BE56-FAB0-4A26-B311-E4A6C506DE80"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25E5D543-D779-482D-AA8A-6E77C1949FBD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1:r9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A76DAC5-AEC4-47E8-9876-71EE5BAD73E2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.1x55:d35:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84F7C44C-E9ED-4DC4-8AFF-87FAB53EBF5F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79149AA0-17D1-4522-894F-C025F7A30FD7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30726286-7CB1-4E5D-AE44-2B4D84795900"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33BE028F-2961-414A-9D42-C4861566C2DC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E85AB30C-03FC-44DB-A8AA-B916A905CA66"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D01CA25F-E1E1-4831-8561-D3B0300BF4A7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C31AA11-FA95-4927-9E48-D46BBE4945B1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:14.2:r8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "469B95AC-E779-43D2-A24F-B9CB6D5DB9B8"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References