Published: 05/08/2016 Updated: 26/06/2019

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Juniper Junos OS prior to 12.1X46-D50, 12.1X47 prior to 12.1X47-D23, 12.3X48 prior to 12.3X48-D25, and 15.1X49 prior to 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer Gateways (ALGs) enabled allow remote malicious users to cause a denial of service (CPU consumption, fab link failure, or flip-flop failovers) via vectors related to in-transit traffic matching ALG rules.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos 12.1x46
juniper junos 12.1x47
juniper junos 12.3x48
juniper junos 15.1x49

Juniper's bug hunters fire out eight patches

The Register • Richard Chirgwin • 14 Jul 2016

Junos OS has been put through the wringer since that nasty backdoor scandal

Juniper has fired off fixes for eight security vulnerabilities. The company has been running Junos OS through the security mill since late last year, when its now-notorious backdoor hit the headlines. Junos OS systems running either generic routing encapsulation (GRE) or IP-in-IP (IPIP) tunnels are vulnerable to a kernel crash triggered by a crafted ICMP packet. The resulting denial of service attack, CVE-2016-1277, is rated high, and present in a bunch of Junos OS revisions – three in the ver...

CVE-2016-1276

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect