44 matches found
CVE-2021-31366 Junos OS: MX Series: In subscriber management / BBE configuration authd can crash if a subscriber with a specific username tries to login leading to a DoS
An Unchecked Return Value vulnerability in the authd authentication daemon of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting A...
Junos OS: Broadband Edge Service Denial of Service (DoS) Vulnerability (JSA10987)
According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability due to an unspecified issue in the processing of packets destined to Broadband Edge BBE clients connected to MX Series subscriber management platforms. Receipt of a...
Code injection
Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge BBE service may trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Serie...
CVE-2020-1608
CVE-2020-1608 affects Juniper Networks Junos OS on MX Series in BBE configurations. Receipt of a specific MPLS or IPv6 packet on the core-facing interface may trigger a kernel crash (vmcore) and reboot, tied to processing for BBE clients. Affected Junos versions span multiple tracks: 17.2R2-S6 on...
CVE-2020-1608 Junos OS: MX Series: In BBE configurations, receipt of a specific MPLS or IPv6 packet causes a Denial of Service
Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge BBE service may trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Serie...
CVE-2019-0001
Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon bbe-smgd, and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result...
Design/Logic Flaw
Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon bbe-smgd, and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result...
CVE-2018-0058
Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...
CVE-2018-0058
Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...
CVE-2018-0058 MX Series: In BBE configurations, receipt of a crafted IPv6 exception packet causes a Denial of Service
Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...
WordPress BBE theme <= 1.52 - Direct Object Reference vulnerability
Direct Object Reference vulnerability found by Zhihua Yao in WordPress BBE theme versions = 1.52. The vulnerability allows a direct launch of an HTML editor. Solution Update the WordPress BBE theme to the latest available version at least 1.53...
CVE-2018-11244
The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor...
CVE-2018-11244
The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor...
CVE-2018-11244
The CVE-2018-11244 entry concerns the WordPress BBE theme prior to version 1.53. Multiple sources describe a Direct Object Reference vulnerability that allows direct launching of the HTML editor, implying that an attacker could indirectly trigger the HTML editor through the theme. Affected softwa...
CVE-2018-11244
The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor...
LocalTapiola: Reflected XSS of bbe-child-starter Theme via "value"-GET-parameter
This bug is related to 324442. And xss in other url. poc: https://www.lahitapiolarahoitus.fi/wp-content/themes/bbe-child-starter/bbe-engine/assets/actions/bbeopenhtmleditorpopup.php?attribute=%27%3C/script%3E%3Cbody%20onload&value=alertdocument.cookie Impact -Make admin-user run malicious...
LocalTapiola: Reflected XSS on bbe_open_htmleditor_popup.php of BBE Theme via "value"-GET-parameter
Basic report information Summary: The BBE Theme allows unauthorized access to bbeopenhtmleditorpopup.php which echoes unsanitized values of value-GET-parameter leading to reflected XSS. Description: The www.lahitapiolarahoitus.fi has Wordpress with theme BBE Theme v1.52. I did some code review an...
CVE-2018-0006
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon bbe-smgd, and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number o...
CVE-2018-0006
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon bbe-smgd, and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number o...
Design/Logic Flaw
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon bbe-smgd, and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number o...