CVE-2017-2342

HIGH Year: 2017
CVSS v3 Score
8.1
High
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-392
View all →

Vulnerability Description

MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. It falls back to an unencrypted link. This can happen when MACsec is configured on ports that are not capable of MACsec or when a secure link can not be established. This can mislead customers into believing that a link is secure. On SRX 300 series devices, prior to 15.1X49-D100, MACsec was only supported on control and fabric ports of SRX340 and SRX345 devices. SRX300 and and SRX320 did not have any MACsec capable ports. Configuring MACsec on ports that were not MACsec capable would have resulted in this issue. Affected releases are Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series.

Related Vulnerabilities

CVE-2025-32743

CRITICAL
CVSS:9.0(Critical)

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of se...

CWE-3922025

CVE-2025-26268

MEDIUM
CVSS:6.5(Medium)

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The validity of the scan cursor was not checked.

CWE-3922025

CVE-2024-12797

MEDIUM
CVSS:6.3(Medium)

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_V...

CWE-3922024

CVE-2025-32743

CRITICAL
CVSS:9.0(Critical)

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of se...

CWE-3922025

CVE-2025-26268

MEDIUM
CVSS:6.5(Medium)

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The validity of the scan cursor was not checked.

CWE-3922025

CVE-2024-12797

MEDIUM
CVSS:6.3(Medium)

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_V...

CWE-3922024