CVE-2017-2303

Summary

On Juniper Networks products or platforms running Junos OS 12.1X46 prior to 12.1X46-D50, 12.1X47 prior to 12.1X47-D40, 12.3 prior to 12.3R13, 12.3X48 prior to 12.3X48-D30, 13.2X51 prior to 13.2X51-D40, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D35, 14.1X55 prior to 14.1X55-D35, 14.2 prior to 14.2R5, 15.1 prior to 15.1F6 or 15.1R3, 15.1X49 prior to 15.1X49-D30 or 15.1X49-D40, 15.1X53 prior to 15.1X53-D35, and where RIP is enabled, certain RIP advertisements received by the router may cause the RPD daemon to crash resulting in a denial of service condition.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS where RIP is enabled12.1X46 prior to 12.1X46-D50affected
Juniper NetworksJunos OS where RIP is enabled12.1X47 prior to 12.1X47-D40affected
Juniper NetworksJunos OS where RIP is enabled12.3 prior to 12.3R13affected
Juniper NetworksJunos OS where RIP is enabled12.3X48 prior to 12.3X48-D30affected
Juniper NetworksJunos OS where RIP is enabled13.2X51 prior to 13.2X51-D40affected
Juniper NetworksJunos OS where RIP is enabled13.3 prior to 13.3R10affected
Juniper NetworksJunos OS where RIP is enabled14.1 prior to 14.1R8affected
Juniper NetworksJunos OS where RIP is enabled14.1X53 prior to 14.1X53-D35affected
Juniper NetworksJunos OS where RIP is enabled14.1X55 prior to 14.1X55-D35affected
Juniper NetworksJunos OS where RIP is enabled14.2 prior to 14.2R5affected
Juniper NetworksJunos OS where RIP is enabled15.1 prior to 15.1F6 or 15.1R3affected
Juniper NetworksJunos OS where RIP is enabled15.1X49 prior to 15.1X49-D30 or 15.1X49-D40,affected
Juniper NetworksJunos OS where RIP is enabled15.1X53 prior to 15.1X53-D35affected
Juniper NetworksJunos OS where RIP is enabled16.1R1 and all subsequent releases have fix.affected

Weaknesses

  • RPD daemon to crash denial of service

ADP Enrichment

CVE Program Container

Additional References

References