What is CVE-2017-10605?

CVE-2017-10605 is a high-severity vulnerability in Juniper Junos, classified under Improper Input Validation. CVSS score: 8.6/10. Published 2017-07-17.

How severe is CVE-2017-10605?

High severity. CVSS v3 base score is 8.6 out of 10.

Improper input validation in Juniper Junos

CVE-2017-10605

On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s). Repeated crashes of the flo…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.008 (74.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.

Affected products

Juniper Junos — versions 12.1x46, 12.3x48, 15.1x49
Juniper Srx100
Juniper Srx110
Juniper Srx1400
Juniper Srx210
Juniper Srx220
Juniper Srx240
Juniper Srx3400
Juniper Srx3600
Juniper Srx5400

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

sirt@juniper.net (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
sirt@juniper.net (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-10605?: CVE-2017-10605 is a high-severity vulnerability in Juniper Junos, classified under Improper Input Validation. CVSS score: 8.6/10. Published 2017-07-17.
How severe is CVE-2017-10605?: High severity. CVSS v3 base score is 8.6 out of 10.