CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
42.6%
An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms in ACX Series: ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices. Other ACX platforms are not affected from this issue. This issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096: 18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8. This issue does not affect: Juniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096.
[
{
"platforms": [
"ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"changes": [
{
"at": "18.4R3-S7",
"status": "affected"
},
{
"at": "18.4R3-S8",
"status": "unaffected"
}
],
"lessThan": "18.4R3-S7",
"status": "unaffected",
"version": "18.4",
"versionType": "custom"
}
]
}
]