Junos OS

 View Only


This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.

  • 1.  CVE-2017-2315

    Posted 09-21-2021 10:20
    About CVE-2017-2315 - 

    it says

    On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. A malicious network-based packet flood of these crafted IPv6 NDP packets may eventually lead to resource exhaustion and a denial of service. The affected Junos OS versions are: 12.3 prior to 12.3R12-S4, 12.3R13; 13.3 prior to 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior ro 14.1X53-D12, 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R6-S4, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1R5; 16.1 before 16.1R3; 16.2 before 16.2R1-S3, 16.2R2. 17.1R1 and all subsequent releases have a resolution for this vulnerability.
    what does it mean by 12.3 prior to 12.3R12-S4, 12.3R13; - are the versions between 12.3R12-S4 and 12.3R13 are also vulnerable?

    manasa ummadi

  • 2.  RE: CVE-2017-2315

    Posted 09-22-2021 05:56
    prior to means before, older, earlier than, ...
    Just continue to read https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10781 which says "The following software releases have been updated to resolve this specific issue: Junos OS 12.3R12-S4, 12.3R13, ..."

  • 3.  RE: CVE-2017-2315

    Posted 09-23-2021 05:12


    I don't understand your answer to my question - - are the versions between 12.3R12-S4 and 12.3R13 are also vulnerable?

    I have installed version 12.3R12-S18.2. Is it vulnerable?

    manasa ummadi

  • 4.  RE: CVE-2017-2315

    Posted 09-23-2021 05:43

    The affected Junos OS versions are:
    12.3 prior to 
    12.3R12-S4,<<< meaning that versions 12.rR12-S5 or higher are good 

    12.3R13; <<< meaning that versions 12.3R13 dash or dot anything are good

    Therefore, 12.3R12-S18.2 is patched for this vulnerability.

    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)