Lucene search

[email protected]CVE-2016-1270

HistoryApr 15, 2016 - 2:59 p.m.

CVE-2016-1270

2016-04-1514:59:06

CWE-19

[email protected]

web.nvd.nist.gov

information security

vulnerability

cve-2016-1270

juniper

junos os

rpd daemon

bgp

l2vpn

vpls

denial of service

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.9%

JSON

The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.

Affected configurations

NVD

Node

juniperjunosRange≤12.1x44d55

juniperjunosMatch12.1x46

juniperjunosMatch12.1x46d10

juniperjunosMatch12.1x46d15

juniperjunosMatch12.1x46d20

juniperjunosMatch12.1x46d25

juniperjunosMatch12.1x46d30

juniperjunosMatch12.1x46d35

juniperjunosMatch12.1x46d40

juniperjunosMatch12.1x47

juniperjunosMatch12.1x47d10

juniperjunosMatch12.1x47d15

juniperjunosMatch12.1x47d20

juniperjunosMatch12.1x47d25

juniperjunosMatch12.3

juniperjunosMatch12.3r1

juniperjunosMatch12.3r2

juniperjunosMatch12.3r3

juniperjunosMatch12.3r4

juniperjunosMatch12.3r5

juniperjunosMatch12.3r6

juniperjunosMatch12.3r7

juniperjunosMatch12.3r8

juniperjunosMatch12.3x48d10

juniperjunosMatch12.3x48d15

juniperjunosMatch13.2

juniperjunosMatch13.2r1

juniperjunosMatch13.2r2

juniperjunosMatch13.2r3

juniperjunosMatch13.2r4

juniperjunosMatch13.2r5

juniperjunosMatch13.2r6

juniperjunosMatch13.2x51d15

juniperjunosMatch13.2x51d20

juniperjunosMatch13.2x51d21

juniperjunosMatch13.2x51d25

juniperjunosMatch13.2x51d26

juniperjunosMatch13.2x51d30

juniperjunosMatch13.2x51d35

juniperjunosMatch13.3

juniperjunosMatch13.3r1

juniperjunosMatch13.3r2

juniperjunosMatch13.3r3

juniperjunosMatch13.3r4

juniperjunosMatch13.3r5

juniperjunosMatch13.3r6

juniperjunosMatch14.1

juniperjunosMatch14.1r1

juniperjunosMatch14.1r2

juniperjunosMatch14.1r3

juniperjunosMatch14.2r1

CPENameOperatorVersion
juniper:junosjuniper junosle12.1x44
juniper:junosjuniper junoseq12.1x46
juniper:junosjuniper junoseq12.1x47
juniper:junosjuniper junoseq12.3
juniper:junosjuniper junoseq12.3x48
juniper:junosjuniper junoseq13.2
juniper:junosjuniper junoseq13.2x51
juniper:junosjuniper junoseq13.3
juniper:junosjuniper junoseq14.1
juniper:junosjuniper junoseq14.2

CPE	Name	Operator	Version
juniper:junos	juniper junos	le	12.1x44
juniper:junos	juniper junos	eq	12.1x46
juniper:junos	juniper junos	eq	12.1x47
juniper:junos	juniper junos	eq	12.3
juniper:junos	juniper junos	eq	12.3x48
juniper:junos	juniper junos	eq	13.2
juniper:junos	juniper junos	eq	13.2x51
juniper:junos	juniper junos	eq	13.3
juniper:junos	juniper junos	eq	14.1
juniper:junos	juniper junos	eq	14.2

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10737

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.9%

JSON

Related for CVE-2016-1270

nvd1 prion1 cvelist1 openvas1