CVE-2017-2348

EPSS 0.45%
Veröffentlicht 17.07.2017 13:18:24
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle sirt@juniper.net
Teams Watchlist Login
Unerledigt Login

The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. Both high CPU utilization and repeated crashes of the jdhcpd daemon can result in a denial of service as DHCP service is interrupted. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D12, 14.1X53-D38, 14.1X53-D40 on QFX, EX, QFabric System; 15.1 prior to 15.1F2-S18, 15.1R4 on all products and platforms; 15.1X49 prior to 15.1X49-D80 on SRX; 15.1X53 prior to 15.1X53-D51, 15.1X53-D60 on NFX, QFX, EX.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version14.1x53

Juniper ≫ Junos Version14.1x53 Updated10

Juniper ≫ Junos Version14.1x53 Updated38

Juniper ≫ Junos Version14.1x53 Updated40

Juniper ≫ Junos Version15.1

Juniper ≫ Junos Version15.1 Updatef1

Juniper ≫ Junos Version15.1 Updatef2

Juniper ≫ Junos Version15.1 Updatef2-s1

Juniper ≫ Junos Version15.1 Updatef2-s2

Juniper ≫ Junos Version15.1 Updatef2-s3

Juniper ≫ Junos Version15.1 Updatef2-s4

Juniper ≫ Junos Version15.1 Updater4

Juniper ≫ Junos Version15.1x49

Juniper ≫ Junos Version15.1x49 Updated10

Juniper ≫ Junos Version15.1x49 Updated20

Juniper ≫ Junos Version15.1x49 Updated30

Juniper ≫ Junos Version15.1x49 Updated35

Juniper ≫ Junos Version15.1x49 Updated40

Juniper ≫ Junos Version15.1x49 Updated45

Juniper ≫ Junos Version15.1x49 Updated50

Juniper ≫ Junos Version15.1x49 Updated55

Juniper ≫ Junos Version15.1x49 Updated60

Juniper ≫ Junos Version15.1x49 Updated65

Juniper ≫ Junos Version15.1x49 Updated70

Juniper ≫ Junos Version15.1x49 Updated75

Juniper ≫ Junos Version15.1x53

Juniper ≫ Junos Version15.1x53 Updated10

Juniper ≫ Junos Version15.1x53 Updated20

Juniper ≫ Junos Version15.1x53 Updated21

Juniper ≫ Junos Version15.1x53 Updated25

Juniper ≫ Junos Version15.1x53 Updated30

Juniper ≫ Junos Version15.1x53 Updated32

Juniper ≫ Junos Version15.1x53 Updated33

Juniper ≫ Junos Version15.1x53 Updated34

Juniper ≫ Junos Version15.1x53 Updated47

Juniper ≫ Junos Version15.1x53 Updated48

Juniper ≫ Junos Version15.1x53 Updated60

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.45%	0.607

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
sirt@juniper.net	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

http://www.securitytracker.com/id/1038899

Third Party Advisory

VDB Entry

https://kb.juniper.net/JSA10800

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-2348

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-2348

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-2348

EUVD