CVE-2016-1273 — Juniper Junos vulnerability

CWE-3103 documents3 sources

Severity

5.9MEDIUMNVD

EPSS

0.2%

top 60.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Junos Juniper Junos OS Juniper QFX Series

Timeline

PublishedApr 15

Latest updateMay 17

Description

Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic encryption and authentication protection mechanisms via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

▶NVDjuniper/junos13.2x51+4

▶juniperjuniper/junos_os

▶juniperjuniper/qfx_series

🔴Vulnerability Details

GHSA

GHSA-hrrj-422q-hxgf: Juniper Junos OS before 13↗2022-05-17

▶

📋Vendor Advisories

Juniper

CVE-2016-1273: Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entr↗2016-04-15

▶