Vulnerability Description
Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes of the rpd daemon can result in an extended denial of service condition. The affected Junos OS versions are: 15.1 prior to 15.1F2-S15, 15.1F5-S7, 15.1F6-S5, 15.1F7, 15.1R4-S7, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D78, 15.1X49-D80; 15.1X53 prior to 15.1X53-D230, 15.1X53-D63, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4; 16.2 prior to 16.2R1-S3, 16.2R2. Releases prior to Junos OS 15.1 are unaffected by this vulnerability. 17.1R1, 17.2R1, and all subsequent releases have a resolution for this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 15.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97606 (Third Party Advisory, VDB Entry)
- http://www.securitytracker.com/id/1038257
- https://kb.juniper.net/JSA10778 (Vendor Advisory)
FAQ
What is CVE-2017-2313?
CVE-2017-2313 is a vulnerability with a CVSS score of 7.5 (HIGH). Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. Repeated crashes...
How severe is CVE-2017-2313?
CVE-2017-2313 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2313?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos.