CVE-2018-0056 — Improper Input Validation in Networks Junos OS

CWE-20 — Improper Input Validation3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 62.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedOct 10

Latest updateMay 13

Description

If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon (L2ALD) daemon might crash when attempting to delete the duplicate MAC address when the particular entry is not found in the internal MAC address table. This issue only occurs on MX Series devices with l2-backhaul VPN configured. No other products or platforms are affected by this issue. Af…

CVSS vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 1.6 | Impact: 3.6

Affected Packages4 packages

▶juniperjuniper/mx_series

▶CVEListV5juniper_networks/junos_os15.1 — 15.1R7-S1+7

▶NVDjuniper/junos8 versions+7

▶juniperjuniper/junos_os

🔴Vulnerability Details

GHSA

GHSA-3m6q-v5hr-w29h: If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between th↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2018-0056: If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between th↗2018-10-10

▶