CVE-2015-7748Improper Input Validation in Juniper Junos

CWE-20Improper Input Validation3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 33.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper JunosJuniper Junos OS
Timeline
PublishedOct 19
Latest updateMay 17

Description

Juniper chassis with Trio (Trinity) chipset line cards and Junos OS 13.3 before 13.3R8, 14.1 before 14.1R6, 14.2 before 14.2R5, and 15.1 before 15.1R2 allow remote attackers to cause a denial of service (MPC line card crash) via a crafted uBFD packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDjuniper/junos4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-8v5q-pxx6-xf6f: Juniper chassis with Trio (Trinity) chipset line cards and Junos OS 132022-05-17

📋Vendor Advisories

1
Juniper
CVE-2015-7748: Juniper chassis with Trio (Trinity) chipset line cards and Junos OS 13.3 before 13.3R8, 14.1 before 14.1R6, 14.2 before 14.2R5, and 15.1 before 15.1R22015-10-19