1. Home
  2. CVE Database
  3. CVE-2017-10608
HIGH · 7.5

CVE-2017-10608

Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulnerability in the Sun/MS-RPC ALG services co...

Vulnerability Description

Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulnerability in the Sun/MS-RPC ALG services component of Junos OS allows an attacker to cause a repeated denial of service against the target. Repeated traffic in a cluster may cause repeated flip-flop failure operations or full failure to the flowd daemon halting traffic on all nodes. Only IPv6 traffic is affected by this issue. IPv4 traffic is unaffected. This issues is not seen with to-host traffic. This issue has no relation with HA services themselves, only the ALG service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D55 on SRX; 12.1X47 prior to 12.1X47-D45 on SRX; 12.3X48 prior to 12.3X48-D32, 12.3X48-D35 on SRX; 15.1X49 prior to 15.1X49-D60 on SRX.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos12.1x46
JuniperSrx110-
JuniperSrx1400-
JuniperSrx1500-
JuniperSrx220-
JuniperSrx300-
JuniperSrx3400-
JuniperSrx3600-
JuniperSrx4000-
JuniperSrx5400-
JuniperSrx550-
JuniperSrx5600-
JuniperSrx5800-

Related Weaknesses (CWE)

CWE-400

References

FAQ

What is CVE-2017-10608?

CVE-2017-10608 is a vulnerability with a CVSS score of 7.5 (HIGH). Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulnerability in the Sun/MS-RPC ALG services co...

How severe is CVE-2017-10608?

CVE-2017-10608 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-10608?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx110, Juniper Srx1400, Juniper Srx1500, Juniper Srx220.