Lucene search

JuniperCVELIST:CVE-2018-0005

HistoryJan 10, 2018 - 10:00 p.m.

CVE-2018-0005 Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic.

2018-01-1022:00:00

juniper

www.cve.org

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

31.6%

JSON

QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7.

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1X53-D40",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X53-D55",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R7",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securitytracker.com/id/1040182

kb.juniper.net/JSA10833

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

31.6%

JSON

Related for CVELIST:CVE-2018-0005