CVE-2017-10621

A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D50; 14.1 prior to 14.1R8-S5, 14.1R9; 14.1X53 prior to 14.1X53-D50; 14.2 prior to 14.2R7-S9, 14.2R8; 15.1 prior to 15.1F2-S16, 15.1F5-S7, 15.1F6-S6, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D90; 15.1X53 prior to 15.1X53-D47; 16.1 prior to 16.1R4-S1, 16.1R5; 16.2 prior to 16.2R1-S3, 16.2R2;

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://kb.juniper.net/JSA10817	Mitigation Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:juniper:junos:12.1x45:::::::*
	cpe:2.3:o:juniper:junos:12.3x48:::::::*
	cpe:2.3:o:juniper:junos:14.1:::::::*
	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.2:::::::*
	cpe:2.3:o:juniper:junos:15.1:::::::*
	cpe:2.3:o:juniper:junos:15.1x49:::::::*
	cpe:2.3:o:juniper:junos:15.1x53:::::::*
	cpe:2.3:o:juniper:junos:16.1:::::::*
	cpe:2.3:o:juniper:junos:16.2:::::::*

History

No history.

Information

Published : 2017-10-13 17:29

Updated : 2023-12-10 12:15

NVD link : CVE-2017-10621

Mitre link : CVE-2017-10621

CVE.ORG link : CVE-2017-10621

JSON object : View

Products Affected

juniper

junos

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2017-10621", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2017-10-13T17:29:00.973", "references": [{"url": "https://kb.juniper.net/JSA10817", "tags": ["Mitigation", "Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D50; 14.1 prior to 14.1R8-S5, 14.1R9; 14.1X53 prior to 14.1X53-D50; 14.2 prior to 14.2R7-S9, 14.2R8; 15.1 prior to 15.1F2-S16, 15.1F5-S7, 15.1F6-S6, 15.1R5-S2, 15.1R6; 15.1X49 prior to 15.1X49-D90; 15.1X53 prior to 15.1X53-D47; 16.1 prior to 16.1R4-S1, 16.1R5; 16.2 prior to 16.2R1-S3, 16.2R2;"}, {"lang": "es", "value": "Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el servicio telnetd en Juniper Networks Junos OS permite que atacantes remotos no autenticados provoquen una denegaci\u00f3n de servicio (DoS). Las distribuciones afectadas Junos OS son: 12.1X46 anteriores a 12.1X46-D71; 12.3X48 anteriores a 12.3X48-D50; 14.1 anteriores a 14.1R8-S5, 14.1R9; 14.1X53 anteriores a 14.1X53-D50; 14.2 anteriores a 14.2R7-S9, 14.2R8; 15.1 anteriores a 15.1F2-S16, 15.1F5-S7, 15.1F6-S6, 15.1R5-S2, 15.1R6; 15.1X49 anteriores a 15.1X49-D90; 15.1X53 anteriores a 15.1X53-D47; 16.1 anteriores a 16.1R4-S1, 16.1R5; 16.2 anteriores a 16.2R1-S3, 16.2R2;"}], "lastModified": "2019-10-09T23:21:42.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6"}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7192552C-7D4A-4D95-BA79-CDF465E27D37"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0"}, {"criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E"}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AC40ABB-E364-46C9-A904-C0ED02806250"}, {"criteria": "cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D571B57-4F4C-4232-9D3B-B2F7AAAB220B"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}