CVE-2017-10618 Information

Description

When the ‘bgp-error-tolerance’ feature &xe2;&x80;\ designed to help mitigate remote session resets from malformed path attributes &xe2;&x80;\ is enabled a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart. Devices with BGP enabled that do not have ‘bgp-error-tolerance’ configured are not vulnerable to this issue. Affected releases are Juniper Networks Junos OS 13.3 prior to 13.3R10-S2; 14.1 prior to 14.1R8-S4 14.1R9; 14.1X50 prior to 14.1X50-D185; 14.1X53 prior to 14.1X53-D45 14.1X53-D50; 14.2 prior to 14.2R7-S7 14.2R8; 15.1 prior to 15.1F5-S8 15.1F6-S7 15.1R5-S6 15.1R6-S2 15.1R7; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D64 15.1X53-D70; 16.1 prior to 16.1R3-S4 16.1R4-S3 16.1R5; 16.2 prior to 16.2R1-S5 16.2R2; 17.1 prior to 17.1R1-S3 17.1R2; 17.2 prior to 17.2R1-S2 17.2R2; 17.2X75 prior to 17.2X75-D50. No other Juniper Networks products or platforms are affected by this issue.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://kb.juniper.net/JSA10820 https://www.juniper.net/documentation/en_US/junos/topics/concept/bgp-error-handling-overview.html https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/bgp-error-tolerance.html

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.9