When the 'bgp-error-tolerance' feature â€" designed to help mitigate remote session resets from malformed path attributes â€" is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart. Devices with BGP enabled that do not have 'bgp-error-tolerance' configured are not vulnerable to this issue. Affected releases are Juniper Networks Junos OS 13.3 before 13.3R10-S2; 14.1 before 14.1R8-S4, 14.1R9; 14.1X50 before 14.1X50-D185; 14.1X53 before 14.1X53-D45, 14.1X53-D50; 14.2 before 14.2R7-S7, 14.2R8; 15.1 before 15.1F5-S8, 15.1F6-S7, 15.1R5-S6, 15.1R6-S2, 15.1R7; 15.1X49 before 15.1X49-D100; 15.1X53 before 15.1X53-D64, 15.1X53-D70; 16.1 before 16.1R3-S4, 16.1R4-S3, 16.1R5; 16.2 before 16.2R1-S5, 16.2R2; 17.1 before 17.1R1-S3, 17.1R2; 17.2 before 17.2R1-S2, 17.2R2; 17.2X75 before 17.2X75-D50. No other Juniper Networks products or platforms are affected by this issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
juniper junos 13.3 |
||
juniper junos 14.1 |
||
juniper junos 14.1x50 |
||
juniper junos 14.1x53 |
||
juniper junos 14.2 |
||
juniper junos 15.1 |
||
juniper junos 15.1x49 |
||
juniper junos 15.1x53 |
||
juniper junos 16.1 |
||
juniper junos 16.2 |
||
juniper junos 17.1 |
||
juniper junos 17.2 |
||
juniper junos 17.2x75 |