Published: 09/09/2016 Updated: 01/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

J-Web in Juniper Junos OS prior to 12.1X46-D45, 12.1X46-D50, 12.1X47 prior to 12.1X47-D35, 12.3 prior to 12.3R12, 12.3X48 prior to 12.3X48-D25, 13.3 prior to 13.3R10, 13.3R9 prior to 13.3R9-S1, 14.1 prior to 14.1R7, 14.1X53 prior to 14.1X53-D35, 14.2 prior to 14.2R6, 15.1 prior to 15.1A2 or 15.1F4, 15.1X49 prior to 15.1X49-D30, and 15.1R prior to 15.1R3 might allow remote malicious users to obtain sensitive information and consequently gain administrative privileges via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos 14.1x53
juniper junos 15.1
juniper junos 14.2
juniper junos 13.3
juniper junos 14.1
juniper junos 12.3
juniper junos
juniper junos 15.1x49
juniper junos 12.1x46
juniper junos 12.3x48
juniper junos 12.1x47

Juniper's bug hunters fire out eight patches

The Register • Richard Chirgwin • 14 Jul 2016

Junos OS has been put through the wringer since that nasty backdoor scandal

Juniper has fired off fixes for eight security vulnerabilities. The company has been running Junos OS through the security mill since late last year, when its now-notorious backdoor hit the headlines. Junos OS systems running either generic routing encapsulation (GRE) or IP-in-IP (IPIP) tunnels are vulnerable to a kernel crash triggered by a crafted ICMP packet. The resulting denial of service attack, CVE-2016-1277, is rated high, and present in a bunch of Junos OS revisions – three in the ver...

CVE-2016-1279

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect