Published: 09/09/2016 Updated: 01/09/2017

CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 543

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:C

Juniper Junos OS prior to 13.3R9, 14.1R6 prior to 14.1R6-S1, and 14.1 prior to 14.1R7, when configured with VPLS routing-instances, allows remote malicious users to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos 14.1
juniper junos

Juniper's bug hunters fire out eight patches

The Register • Richard Chirgwin • 14 Jul 2016

Junos OS has been put through the wringer since that nasty backdoor scandal

Juniper has fired off fixes for eight security vulnerabilities. The company has been running Junos OS through the security mill since late last year, when its now-notorious backdoor hit the headlines. Junos OS systems running either generic routing encapsulation (GRE) or IP-in-IP (IPIP) tunnels are vulnerable to a kernel crash triggered by a crafted ICMP packet. The resulting denial of service attack, CVE-2016-1277, is rated high, and present in a bunch of Junos OS revisions – three in the ver...

CVE-2016-1275

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect