An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated malicious user to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000 Series devices sometimes do not reliably pad Ethernet packets, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak' and often detected as CVE-2003-0001. This issue affects: Juniper Networks Junos OS on PTX1000 and PTX10000 Series: All versions before 18.4R3-S11; 19.1 versions before 19.1R2-S3, 19.1R3-S7; 19.2 versions before 19.2R1-S8, 19.2R3-S4; 19.3 versions before 19.3R3-S4; 19.4 versions before 19.4R2-S5, 19.4R3-S6; 20.1 versions before 20.1R3-S2; 20.2 versions before 20.2R3-S3; 20.3 versions before 20.3R3-S2; 20.4 versions before 20.4R3-S4; 21.1 versions before 21.1R2-S1, 21.1R3; 21.2 versions before 21.2R1-S1, 21.2R2. Juniper Networks Junos OS on QFX10000 Series and PTX5000 Series: All versions before 18.3R3-S6; 18.4 versions before 18.4R2-S9, 18.4R3-S10; 19.1 versions before 19.1R2-S3, 19.1R3-S7; 19.2 versions before 19.2R1-S8, 19.2R3-S4; 19.3 versions before 19.3R3-S4; 19.4 versions before 19.4R2-S6, 19.4R3-S6; 20.1 versions before 20.1R3-S2; 20.2 versions before 20.2R3-S3; 20.3 versions before 20.3R3-S1; 20.4 versions before 20.4R3-S1; 21.1 versions before 21.1R2-S1, 21.1R3; 21.2 versions before 21.2R2.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
juniper junos 18.4 |
||
juniper junos 19.1 |
||
juniper junos 19.2 |
||
juniper junos 19.3 |
||
juniper junos 19.4 |
||
juniper junos 20.1 |
||
juniper junos 20.2 |
||
juniper junos 20.3 |
||
juniper junos 20.4 |
||
juniper junos 21.1 |
||
juniper junos 21.2 |
||
juniper junos |
||
juniper junos 18.3 |
Vulmon