VYPR
← All advisories
High severity7.5NVD Advisory· Published May 30, 2017· Updated May 13, 2026

CVE-2017-2304

CVE-2017-2304

Description

Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak'

Affected products

20
  • Juniper Networks/Junos19 versions
    cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*+ 18 more
    • cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:-:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*
    • cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*
  • Juniper Networks/Junos OS running on QFX3500, QFX3600, QFX5100, QFX5200, EX4300, EX4600 devicesv5
    Range: 14.1X53 prior to 14.1X53-D40

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.