What is CVE-2017-2346?

CVE-2017-2346 is a medium-severity vulnerability in Juniper Junos. CVSS score: 5.9/10. Published 2017-07-17.

How severe is CVE-2017-2346?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Juniper Junos

CVE-2017-2346

An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of the Service PC can result in an extended denial of service condition. The issue can be seen…

EPSS: 0.011 (61.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Juniper Junos — versions 14.1x55, 14.2, 15.1
Juniper Mx
Juniper Networks Junos Os — versions 14.1X55 from 14.1X55-D30 prior to 14.1X55-D35, 16.1R from 16.1R2 prior to 16.1R3-S2, 16.1R4, 15.1R from 15.1R5 prior to 15.1R5-S2, 15.1R6

References

sirt@juniper.net (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
sirt@juniper.net (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-2346?: CVE-2017-2346 is a medium-severity vulnerability in Juniper Junos. CVSS score: 5.9/10. Published 2017-07-17.
How severe is CVE-2017-2346?: Medium severity. CVSS v3 base score is 5.9 out of 10.