SEVERITY: Medium

ANALYSIS SUMMARY

An error when handling BGP messages related to the routing protocol daemon can be exploited to cause a crash. The flaw can only be exploited successfully when the affected product is configured as a VPLS PE.

IMPACT 

Denial of Service

AFFECTED PRODUCTS

• Juniper Junos OS 12.1X46
• Juniper Junos OS 12.3
• Juniper Junos OS 12.3X48
• Juniper Junos OS 14.1X53
• Juniper Junos OS 15.1
• Juniper Junos OS 15.1X49
• Juniper Junos OS 15.1X53
• Juniper Junos OS 16.1
• Juniper Junos OS 16.2
• Juniper Junos OS 17.1
• Juniper Junos OS 17.2
• Juniper Junos OS 17.3
• Juniper Junos OS 17.4
• Juniper Junos OS 18.1

REMEDIATION

Update to version

• 12.1X46-D81
• 12.3R12-S12
• 12.3X48-D76
• 12.3X48-D80
• 15.1F6-S12
• 15.1R7-S2
• 15.1X49-D150
• 15.1X53-D235
• 15.1X53-D495
• 15.1X53-D590
• 15.1X53-D68
• 16.1R3-S10
• 16.1R4-S12
• 16.1R6-S6
• 16.1R7-S1
• 16.2R2-S7
• 17.1R2-S9
• 17.1R3
• 17.2R1-S7
• 17.2R2-S6
• 17.2R3
• 17.3R2-S4
• 17.3R3
• 17.4R1-S5
• 17.4R2
• 18.1R2-S3
• 18.1R3
• 18.2R1
• 18.2X75-D10

If you think you’re a victim of a cyber-attack, immediately send an email to soc@rewterz.com.