What is CVE-2017-10610?

CVE-2017-10610 is a high-severity vulnerability in Juniper Junos, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2017-10-13.

How severe is CVE-2017-10610?

High severity. CVSS v3 base score is 7.5 out of 10.

Improper input validation in Juniper Junos

CVE-2017-10610

On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. Repeated crashes of the flowd process constitutes an extended denial of service condition for the SRX Series dev…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.004 (59.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Juniper Junos — versions 12.1x46, 12.3x48, 15.1x49
Juniper Srx_series
Juniper Networks Junos Os — versions 15.1X49 prior to 15.1X49-D100, 12.3X48 prior to 12.3X48-D55, 12.1X46 prior to 12.1X46-D71

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

sirt@juniper.net (x_refsource_CONFIRM, Vendor Advisory)
sirt@juniper.net (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2017-10610?: CVE-2017-10610 is a high-severity vulnerability in Juniper Junos, classified under Improper Input Validation. CVSS score: 7.5/10. Published 2017-10-13.
How severe is CVE-2017-10610?: High severity. CVSS v3 base score is 7.5 out of 10.