Описание
Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 13.3 (включая)
Одно из
cpe:2.3:o:juniper:junos:*:r8:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.0035
Низкий
6.5 Medium
CVSS3
6.1 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface.
EPSS
Процентиль: 57%
0.0035
Низкий
6.5 Medium
CVSS3
6.1 Medium
CVSS2
Дефекты
CWE-399