Published: 09/09/2016 Updated: 01/09/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Juniper Junos OS prior to 12.1X46-D45, 12.1X46-D50, 12.1X47 prior to 12.1X47-D35, 12.3X48 prior to 12.3X48-D30, 13.3 prior to 13.3R9-S1, 14.1 prior to 14.1R7, 14.2 prior to 14.2R6, 15.1 prior to 15.1F2-S5, 15.1F4 prior to 15.1F4-S2, 15.1R prior to 15.1R2-S3, 15.1 prior to 15.1R3, and 15.1X49 prior to 15.1X49-D40 allow remote malicious users to cause a denial of service (kernel crash) via a crafted UDP packet destined to the interface IP address of a 64-bit OS device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos 15.1
juniper junos 12.1x47
juniper junos 12.3x48
juniper junos 14.1
juniper junos 13.3
juniper junos 15.1x49
juniper junos 14.2
juniper junos

Juniper's bug hunters fire out eight patches

The Register • Richard Chirgwin • 14 Jul 2016

Junos OS has been put through the wringer since that nasty backdoor scandal

Juniper has fired off fixes for eight security vulnerabilities. The company has been running Junos OS through the security mill since late last year, when its now-notorious backdoor hit the headlines. Junos OS systems running either generic routing encapsulation (GRE) or IP-in-IP (IPIP) tunnels are vulnerable to a kernel crash triggered by a crafted ICMP packet. The resulting denial of service attack, CVE-2016-1277, is rated high, and present in a bunch of Junos OS revisions – three in the ver...

CVE-2016-1263

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect