CVE-2016-1275 — Juniper Junos vulnerability

CWE-3993 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.4%

top 42.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Junos Juniper Junos OS

Timeline

PublishedSep 9

Latest updateMay 17

Description

Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDjuniper/junos13.3+1

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-936x-q94x-696j: Juniper Junos OS before 13↗2022-05-17

▶

📋Vendor Advisories

Juniper

CVE-2016-1275: Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers↗2016-09-09

▶