Lucene search

K
cve[email protected]CVE-2016-1270
HistoryApr 15, 2016 - 2:59 p.m.

CVE-2016-1270

2016-04-1514:59:06
CWE-19
web.nvd.nist.gov
19
information security
vulnerability
cve-2016-1270
juniper
junos os
rpd daemon
bgp
l2vpn
vpls
denial of service

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

61.8%

The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.

Affected configurations

NVD
Node
juniperjunosRange12.1x44d55
OR
juniperjunosMatch12.1x46
OR
juniperjunosMatch12.1x46d10
OR
juniperjunosMatch12.1x46d15
OR
juniperjunosMatch12.1x46d20
OR
juniperjunosMatch12.1x46d25
OR
juniperjunosMatch12.1x46d30
OR
juniperjunosMatch12.1x46d35
OR
juniperjunosMatch12.1x46d40
OR
juniperjunosMatch12.1x47
OR
juniperjunosMatch12.1x47d10
OR
juniperjunosMatch12.1x47d15
OR
juniperjunosMatch12.1x47d20
OR
juniperjunosMatch12.1x47d25
OR
juniperjunosMatch12.3
OR
juniperjunosMatch12.3r1
OR
juniperjunosMatch12.3r2
OR
juniperjunosMatch12.3r3
OR
juniperjunosMatch12.3r4
OR
juniperjunosMatch12.3r5
OR
juniperjunosMatch12.3r6
OR
juniperjunosMatch12.3r7
OR
juniperjunosMatch12.3r8
OR
juniperjunosMatch12.3x48d10
OR
juniperjunosMatch12.3x48d15
OR
juniperjunosMatch13.2
OR
juniperjunosMatch13.2r1
OR
juniperjunosMatch13.2r2
OR
juniperjunosMatch13.2r3
OR
juniperjunosMatch13.2r4
OR
juniperjunosMatch13.2r5
OR
juniperjunosMatch13.2r6
OR
juniperjunosMatch13.2x51d15
OR
juniperjunosMatch13.2x51d20
OR
juniperjunosMatch13.2x51d21
OR
juniperjunosMatch13.2x51d25
OR
juniperjunosMatch13.2x51d26
OR
juniperjunosMatch13.2x51d30
OR
juniperjunosMatch13.2x51d35
OR
juniperjunosMatch13.3
OR
juniperjunosMatch13.3r1
OR
juniperjunosMatch13.3r2
OR
juniperjunosMatch13.3r3
OR
juniperjunosMatch13.3r4
OR
juniperjunosMatch13.3r5
OR
juniperjunosMatch13.3r6
OR
juniperjunosMatch14.1
OR
juniperjunosMatch14.1r1
OR
juniperjunosMatch14.1r2
OR
juniperjunosMatch14.1r3
OR
juniperjunosMatch14.2r1

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

61.8%

Related for CVE-2016-1270