LiveActive security incident?Get immediate response
CVE Record

CVE-2017-2345: Junos: snmpd denial of service upon receipt of crafted SNMP packet

On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet. Repeated crashes of the snmpd daemon can result in a partial denial of service condition. Additionally, it may be possible to craft a malicious SNMP packet in a way that can result in remote code execution. SNMP is disabled in Junos OS by default. Junos OS devices with SNMP disabled are not affected by this issue. No other Juniper Networks products or platforms are affected by this issue. NOTE: This is a different issue than Cisco CVE-2017-6736, CVE-2017-6737, and CVE-2017-6738. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D67; 12.3X48 prior to 12.3X48-D51, 12.3X48-D55; 13.3 prior to 13.3R10-S2; 14.1 prior to 14.1R2-S10, 14.1R8-S4, 14.1R9; 14.1X50 prior to 14.1X50-D185; 14.1X53 prior to 14.1X53-D122, 14.1X53-D44, 14.1X53-D50; 14.2 prior to 14.2R4-S9, 14.2R7-S7, 14.2R8; 15.1 prior to 15.1F2-S18, 15.1F6-S7, 15.1R4-S8, 15.1R5-S5, 15.1R6-S1, 15.1R7; 15.1X49 prior to 15.1X49-D100, 15.1X49-D110; 15.1X53 prior to 15.1X53-D231, 15.1X53-D47, 15.1X53-D48, 15.1X53-D57, 15.1X53-D64, 15.1X53-D70; 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R4-S4, 16.1R5; 16.2 prior to 16.2R2, 16.2R3; 17.1 prior to 17.1R1-S3, 17.1R2, 17.1R3; 17.2 prior to 17.2R1-S1, 17.2R2; 17.2X75 prior to 17.2X75-D30. Junos releases prior to 10.2 are not affected.

CriticalCVSS 9.8Not KEV-listedUpdated
Glexia's TakeAutomated analysis

Security readout for executives and security teams

This Junos OS flaw affects devices with SNMP enabled. An unauthenticated network attacker who can reach the routing engine over SNMP can crash and restart snmpd, causing partial service disruption. The source also says specially crafted traffic may allow remote code execution. Exposure is limited to Juniper Networks Junos OS devices in the listed affected release ranges with SNMP enabled and unfiltered access to the routing engine. Junos releases before 10.2, devices with SNMP disabled, and other Juniper products or platforms are stated as unaffected. Prioritize urgently for any Junos device exposing SNMP beyond a tightly controlled management network. Business impact is highest where network infrastructure availability is critical or management-plane access is reachable from untrusted networks. If SNMP is disabled, this CVE should not apply based on the source bundle. Mitigation focus: Upgrade affected Junos OS devices to a fixed release listed by Juniper guidance.; Disable SNMP where it is not operationally required.; Restrict SNMP access to trusted management networks only..

Prepared

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

description · low confidence lookup

Execution behavior lookup

The CVE wording references code or command execution, so execution technique review may help defensive triage. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.

Open ATT&CK lookup
cve · low confidence lookup

CVE-2017-2345 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Critical
CVSS
9.8 (3.0)
Known Exploited
No
Published

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

1CVSS vectors
0Timeline events
0ADP providers
2Source links

CVSS vector scores

1 official score

We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.

ScoreVersionSeverityVectorExploitImpactSource
9.8CVSS 3.0CriticalCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H3.95.9Primary CVE score

Vulnerability scoring details

Base CVSS 3.0 score

9.8Critical
CVSS 3.0 vector shape for CVE-2017-2345Attack VectorAttack ComplexityPrivileges RequiredUser InteractionScopeConfidentiality ImpactIntegrity ImpactAvailability Impact

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector
NetworkAdjacentLocalPhysical
Attack Complexity
LowHigh
Privileges Required
NoneLowHigh
User Interaction
NoneRequired
Scope
ChangedUnchanged
Confidentiality Impact
HighLowNone
Integrity Impact
HighLowNone
Availability Impact
HighLowNone

Source materials

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
Juniper NetworksJunos OSJunos releases prior to 10.2 are not affectedListed
Juniper NetworksJunos OS12.1X46 prior to 12.1X46-D67, 12.3X48 prior to 12.3X48-D51, 12.3X48-D55, 13.3 prior to 13.3R10-S2, 14.1 prior to 14.1R2-S10, 14.1R8-S4, 14.1R9, 14.1X50 prior to 14.1X50-D185, 14.1X53 prior to 14.1X53-D122, 14.1X53-D44, 14.1X53-D50, 14.2 prior to 14.2R4-S9, 14.2R7-S7, 14.2R8, 15.1 prior to 15.1F2-S18, 15.1F6-S7, 15.1R4-S8, 15.1R5-S5, 15.1R6-S1, 15.1R7, 15.1X49 prior to 15.1X49-D100, 15.1X53 prior to 15.1X53-D231, 15.1X53-D47, 15.1X53-D48, 15.1X53-D57, 15.1X53-D64, 15.1X53-D70, 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R4-S4, 16.1R5, 16.2 prior to 16.2R2, 17.1 prior to 17.1R1-S3, 17.1R2, 17.2 prior to 17.2R1-S1, 17.2R2, 17.2X75 prior to 17.2X75-D30Listed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.