Vulners
Lucene search
Juniper Junos IPv6 Packet Handling Remote DoS (JSA10762)
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | Multiple Local Elevation of Privilege Vulnerabilities in Juniper Junos | 14 Oct 201600:00 | – | cnvd |
 | CVE-2016-4922 | 13 Oct 201717:00 | – | cve |
 | CVE-2016-4922 Junos: Privilege escalation vulnerabilities in Junos CLI | 13 Oct 201717:00 | – | cvelist |
 | EUVD-2016-5897 | 7 Oct 202500:30 | – | euvd |
 | Juniper Junos Multiple CLI Command Handling Local Privilege Escalations (JSA10763) | 27 Oct 201600:00 | – | nessus |
 | CVE-2016-4922 | 13 Oct 201717:29 | – | nvd |
 | Juniper Networks Junos OS Multiple Privilege Escalation Vulnerabilities | 13 Oct 201600:00 | – | openvas |
 | CVE-2016-4922 | 13 Oct 201717:29 | – | osv |
 | Design/Logic Flaw | 13 Oct 201717:29 | – | prion |
#TRUSTED 3e230743d20564a60f73f4e81e6dfb2180324db09fb9ea019db6ab53f0ec8770ab3b29a9abdb8b397c743b4ee2bbc16b9d2169b1ed57f40d092a88d3e7f2f761f883eda61cfd576b7b8226a7f9f678ac370c96ecea6dd255a58240af8c99d71844bebe188a2d71d32c8d645ea25b00909d6a874cba71f7ce637701c13b7a5956d4435982cfafde71280378cae0bd166d45ce1a8b37ae76c6fa8b85446c1b512ae1b135577de48d3ef8661c0087bf54f3fbc720ffd04be50b53128529e909116adce0616a1636cedd2bb01c22862c097a356d9fbf42e9060b2fea06d598ef015bdb070646999f88141f0c19a3aeb7d3a0d23e8cc3b090257391075531ea5ce743f3c2491cf0f9369038d1e410a4f2cb4b51e8fed8e0755b82f4cc71dacceb8cdbf2f8361c2e5a6c261fca04c76450bf5a9677b8f509b0fba624decd6a88cec80bc205b4d1dcc83ceda20add4d5301a312e30908efc83b1723b31c31b5071d100531a005ce509bd3c1e6dee5ef75e6a103ca7afd3001a729e85dc2fd8383f4bbbf6a9eef2a6ca781d28ba09243eb9b45f773981549c3415778cec7c27fe1e6766855b7cb1029c2a1e6fcef3302f4fc38913ddbac1754aea25325de681f3849815f004abf659c42a0d85b59ac5247d5f1e2ff32135f052fb98a0584240189c53b5cc859a52ea1dbe483bf4712e824f59d7156fec5d3f0940a71b1749227221a6344
#TRUST-RSA-SHA256 3b87b715ddbeaf653e6a46c3ad6040fb61c70efb9beb05c181685beb410886da6f05340c4fbca2eabe8734de59aaccdc616b8335b20b6e6f598c6e7f99488658e2cd2989ce31a7dfed33b127295952db8d5f8d8a0ee1f242c3c58f9b3757577a0e9da9f583ae75140dc0b60cb7380782318a4f45f46474d94d514bdb6269953887b8f8e3f25633bc6d57e8f09a0c5da3907e76234fa450ef440f0314f08b08b953a69f394235b6c80195d5c9ef40ef0001cb46b6619819faa43f40fb8c726e3be1977688b1e51acc3b73ae021da33259328933a18e91d6b7d08d98c5dc9204e55b1b59c084d40f5d60df8922f6859838f7395367a16e2e43cbc9630169ff4e1e99b1fdee89b2635f7a0676fbbe41115746b0f160b9f1cbccd1f56165919fa1c4c3a8298ec6b274448164d5d7f124a694eead3107562418f98bbee771ca641ad527c13189d07f28b6bc9d97bef9f31a9e93f956477ee7da361464d466aeee61f8f91a9adb9fda43b77ac6eb267440ad1eba65c61baa8966f4187bab925823fd450a6069fed949f29ab38c3965f01ac692e1c2f0fbeb3281e9936101670b7acd513f7f5e8271c2a69874c46f0d2fa02c627b1b6880a7c90e1bc5e8d5bba4abc3f828ce98c28a8b3f6446f13157bb707afdfe269135eb7d8823a89c007042133657c169b10dc317fbe293454c7440f16bb82e1028b3dabb3647a66dc97ec76ce432
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(94331);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/20");
script_cve_id("CVE-2016-4922");
script_bugtraq_id(93534);
script_xref(name:"JSA", value:"JSA10762");
script_name(english:"Juniper Junos IPv6 Packet Handling Remote DoS (JSA10762)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version number and configuration, the
remote Juniper Junos device is affected by a denial of service
vulnerability in the IPV6 implementation. An unauthenticated, remote
attacker can exploit this, via a flood of specially crafted IPv6
traffic, to exhaust available resources or cause a kernel panic.");
script_set_attribute(attribute:"see_also", value:"https://kb.juniper.net/JSA10762");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant Junos software release referenced in Juniper
advisory JSA10762.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-4922");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/12");
script_set_attribute(attribute:"patch_publication_date", value:"2016/10/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/10/27");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:junos");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Junos Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2016-2026 Tenable Network Security, Inc.");
script_dependencies("junos_version.nasl");
script_require_keys("Host/Juniper/JUNOS/Version", "Host/Juniper/model");
exit(0);
}
include("audit.inc");
include("junos_kb_cmd_func.inc");
ver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');
model = get_kb_item_or_exit('Host/Juniper/model');
fixes = make_array();
fixes['11.4'] = '11.4R13'; # or 11.4R13-S3
fixes['12.1X44'] = '12.1X44-D45';
fixes['12.1X46'] = '12.1X46-D30';
fixes['12.1X47'] = '12.1X47-D20';
fixes['12.3'] = '12.3R9';
fixes['13.3'] = '13.3R5'; # or 13.3R10
fixes['12.3X48'] = '12.3X48-D30';
fixes['14.1'] = '14.1R8';
fixes['14.1X53'] = '14.1X53-D28'; # or 14.1X53-D40
fixes['14.1X55'] = '14.1X55-D35';
fixes['14.2'] = '14.2R6';
fixes['15.1R'] = '15.1R3';
fixes['15.1F'] = '15.1F5-S2'; # or 15.1F6
fixes['15.1X49'] = '15.1X49-D40';
fixes['15.1X53'] = '15.1X53-D61'; # or 15.1X53-D70
fixes['16.1R'] = '16.1R1';
fix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);
if (fix == "11.4R13")
fix += " or 11.4R13-S3";
if (fix == "13.3R5")
fix += " or 13.3R10";
if (fix == "14.1X53-D28")
fix += " or 14.1X53-D40";
if (fix == "15.1F5-S2")
fix += " or 15.1F6";
if (fix == "15.1X53-D61")
fix += " or 15.1X53-D70";
override = TRUE;
buf = junos_command_kb_item(cmd:"show interfaces");
if (buf)
{
pattern = "(inet6)";
if (!junos_check_config(buf:buf, pattern:pattern))
audit(AUDIT_HOST_NOT, 'affected because IPv6 traffic is not enabled.');
override = FALSE;
}
junos_report(ver:ver, fix:fix, model:model, override:override, severity:SECURITY_HOLE);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Jan 2026 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 27.2
CVSS 37.8 - 8.4
EPSS0.00084