Rapid7 Vulnerability & Exploit Database

Juniper Junos OS: 2018-07 Security Bulletin: Junos OS: Receipt of malformed RSVP packet may lead to RPD denial of service (JSA10861) (CVE-2018-0027)

Back to Search

Juniper Junos OS: 2018-07 Security Bulletin: Junos OS: Receipt of malformed RSVP packet may lead to RPD denial of service (JSA10861) (CVE-2018-0027)

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
07/11/2018
Created
07/25/2018
Added
07/12/2018
Modified
09/12/2018

Description

Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. When RPD is unavailable, routing updates cannot be processed which can lead to an extended network outage. If RSVP is not enabled on an interface, then the issue cannot be triggered via that interface. This issue only affects Juniper Networks Junos OS 16.1 versions prior to 16.1R3. This issue does not affect Junos releases prior to 16.1R1.

Solution(s)

  • juniper-junos-os-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;