Lucene search

[email protected]CVE-2016-1277

HistorySep 09, 2016 - 2:05 p.m.

CVE-2016-1277

2016-09-0914:05:04

CWE-20

[email protected]

web.nvd.nist.gov

juniper

junos os

denial of service

kernel panic

cve-2016-1277

gre

ipip tunnel

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON

Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R6, 15.1 before 15.1F6 or 15.1R3, and 15.1X49 before 15.1X49-D40, when configured with a GRE or IPIP tunnel, allow remote attackers to cause a denial of service (kernel panic) via a crafted ICMP packet.

Affected configurations

NVD

Node

juniperjunosRange≤12.1x46d45

juniperjunosMatch12.1x47

juniperjunosMatch12.1x47d10

juniperjunosMatch12.1x47d15

juniperjunosMatch12.1x47d20

juniperjunosMatch12.1x47d25

juniperjunosMatch12.1x47d30

juniperjunosMatch12.1x47d35

juniperjunosMatch12.3x48d10

juniperjunosMatch12.3x48d15

juniperjunosMatch12.3x48d25

juniperjunosMatch13.3

juniperjunosMatch13.3r1

juniperjunosMatch13.3r2

juniperjunosMatch13.3r2-s2

juniperjunosMatch13.3r3

juniperjunosMatch13.3r4

juniperjunosMatch13.3r5

juniperjunosMatch13.3r6

juniperjunosMatch13.3r7

juniperjunosMatch13.3r8

juniperjunosMatch14.1

juniperjunosMatch14.1r1

juniperjunosMatch14.1r2

juniperjunosMatch14.1r3

juniperjunosMatch14.1r4

juniperjunosMatch14.1r5

juniperjunosMatch14.1r6

juniperjunosMatch14.1r7

juniperjunosMatch14.1x53

juniperjunosMatch14.1x53d10

juniperjunosMatch14.1x53d15

juniperjunosMatch14.1x53d16

juniperjunosMatch14.1x53d25

juniperjunosMatch14.1x53d26

juniperjunosMatch14.1x53d27

juniperjunosMatch14.1x53d30

juniperjunosMatch14.1x53d35

juniperjunosMatch14.2r1

juniperjunosMatch14.2r2

juniperjunosMatch14.2r3

juniperjunosMatch14.2r4

juniperjunosMatch14.2r5

juniperjunosMatch15.1f2

juniperjunosMatch15.1f3

juniperjunosMatch15.1f4

juniperjunosMatch15.1f5

juniperjunosMatch15.1r1

juniperjunosMatch15.1r2

juniperjunosMatch15.1r3

juniperjunosMatch15.1x49d10

juniperjunosMatch15.1x49d20

juniperjunosMatch15.1x49d35

CPENameOperatorVersion
juniper:junosjuniper junosle12.1x46
juniper:junosjuniper junoseq12.1x47
juniper:junosjuniper junoseq12.3x48
juniper:junosjuniper junoseq13.3
juniper:junosjuniper junoseq14.1
juniper:junosjuniper junoseq14.1x53
juniper:junosjuniper junoseq14.2
juniper:junosjuniper junoseq15.1
juniper:junosjuniper junoseq15.1x49

CPE	Name	Operator	Version
juniper:junos	juniper junos	le	12.1x46
juniper:junos	juniper junos	eq	12.1x47
juniper:junos	juniper junos	eq	12.3x48
juniper:junos	juniper junos	eq	13.3
juniper:junos	juniper junos	eq	14.1
juniper:junos	juniper junos	eq	14.1x53
juniper:junos	juniper junos	eq	14.2
juniper:junos	juniper junos	eq	15.1
juniper:junos	juniper junos	eq	15.1x49

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10752

www.securityfocus.com/bid/91755

www.securitytracker.com/id/1036306

Social References

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.7 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON

Related for CVE-2016-1277

openvas1 cvelist1 nvd1 prion1 nessus1 threatpost1