Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-1270 (GCVE-0-2016-1270)
Vulnerability from cvelistv5 – Published: 2016-04-15 14:00 – Updated: 2024-08-05 22:48
VLAI?
EPSS
Summary
The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-15T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1270",
"datePublished": "2016-04-15T14:00:00",
"dateReserved": "2015-12-30T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-1270\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-04-15T14:59:06.130\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.\"},{\"lang\":\"es\",\"value\":\"El demonio rpd en Juniper Junos OS en versiones anteriores a 12.1X44-D60, 12.1X46 en versiones anteriores a 12.1X46-D45, 12.1X47 en versiones anteriores a 12.1X47-D30, 12.3 en versiones anteriores a 12.3R9, 12.3X48 en versiones anteriores a 12.3X48-D20, 13.2 en versiones anteriores a 13.2R7, 13.2X51 en versiones anteriores a 13.2X51-D40, 13.3 en versiones anteriores a 13.3R6, 14.1 en versiones anteriores a 14.1R4 y 14.2 en versiones anteriores a 14.2R2, cuando se configura con BGP-based L2VPN o VPLS, permite a atacantes remotos provocar una deneagci\u00f3n de servicio (reinicio de demonio) a trav\u00e9s de una actualizaci\u00f3n de la familia L2VPN BGP manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-19\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:d55:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.1x44\",\"matchCriteriaId\":\"A09A1666-F215-40C4-A32D-AA2F7158036F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB89F64-16BB-4A14-9084-B338668D7FF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A71742CF-50B1-44BB-AB7B-27E5DCC9CF70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD4237A-C257-4D8A-ABC4-9B2160530A4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A449C87-C5C3-48FE-9E46-64ED5DD5F193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B6215F-76BF-473F-B325-0975B0EB101E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1C4A10C-49A3-4103-9E56-F881113BC5D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"50E7FD07-A309-48EC-A520-C7F0FA35865C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"F868948A-04D7-473B-971F-721302653633\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BB3DE56-1B04-4A53-B4A4-93286FC98463\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"181C0D30-4476-48EE-A4A4-3B2461F4AC20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"63F559A2-2744-4771-9420-C70AA87496A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"040A6307-236E-4FAA-9A74-676F1DB0CF17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"350A0F1E-1057-4A8E-AB0B-7615B3877858\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E014A0D-0054-4EBA-BA1F-035B74BD822F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"371A7DF8-3F4B-439D-8990-D1BC6F0C25C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F309FD-0A5A-4C86-B227-B2B511A5CEB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"960059B5-0701-4B75-AB51-0A430247D9F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D1DCA52-DA81-495B-B516-5571F01E3B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"05E187F6-BACD-4DD5-B393-B2FE4349053A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C240840-A6BC-4E3D-A60D-22F08E67E2B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:r8:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC90563F-6BCB-4D77-8FD4-584E3A6C7741\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4AC2E1E-74FB-4DA3-8292-B2079F83FF54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAB7D840-9469-4CE2-8DBF-017A44741374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3A0A607-7D3C-4F2A-B5F5-576A70649CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E9620A-7C0A-474C-919E-13609FFE580D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"672D3A38-92B4-4F33-82A6-B2D3F3403AF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5C24441-6E9D-4EF7-8903-A109A52340C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CB98C4F-617F-4F51-A86E-D1EBE2BDE583\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"A24E3EA6-810D-4885-8BE5-8A70E61E7589\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"3947A516-2054-48B3-ADFD-3CF88EC2288D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0951235-4A0A-4200-A7B1-9FF4540A3755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:d21:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E3A9AB1-202A-4480-8FFD-872C79325854\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"7478F581-8A89-49D7-B9F9-E0E90BEEAEE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:d26:*:*:*:*:*:*\",\"matchCriteriaId\":\"28B80348-B130-4178-BFD9-4AE390E139D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1EE6518-C224-4019-8393-85893AC29898\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"718A304D-1DBD-4BC1-B038-2BD4755E8793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4AF5DAA-62F5-491F-A9CE-098970671D43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FF9FF91-9184-4D18-8288-9110E35F4AE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F2E537B-9504-4912-B231-0D83F4459469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BCB3837-DCBC-4997-B63E-E47957584709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C88E2B1-469B-442B-9FC0-7C9408CE3917\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FB5A368-E582-4DFD-87B4-C887DA908E47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"70ED0B93-2CFC-474F-B199-F78E1C67E8C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6237291A-B861-4D53-B7AA-C53A44B76896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C778627-820A-48F5-9680-0205D6DB5EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA7F03DC-73A2-4760-B386-2A57E9C97E65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CA10003-D52B-4110-9D7A-F50895E6BA17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"79149AA0-17D1-4522-894F-C025F7A30FD7\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
FKIE_CVE-2016-1270
Vulnerability from fkie_nvd - Published: 2016-04-15 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:d55:*:*:*:*:*:*",
"matchCriteriaId": "A09A1666-F215-40C4-A32D-AA2F7158036F",
"versionEndIncluding": "12.1x44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*",
"matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*",
"matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*",
"matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*",
"matchCriteriaId": "F4B6215F-76BF-473F-B325-0975B0EB101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*",
"matchCriteriaId": "A1C4A10C-49A3-4103-9E56-F881113BC5D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*",
"matchCriteriaId": "50E7FD07-A309-48EC-A520-C7F0FA35865C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*",
"matchCriteriaId": "F868948A-04D7-473B-971F-721302653633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB3DE56-1B04-4A53-B4A4-93286FC98463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*",
"matchCriteriaId": "181C0D30-4476-48EE-A4A4-3B2461F4AC20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*",
"matchCriteriaId": "63F559A2-2744-4771-9420-C70AA87496A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d20:*:*:*:*:*:*",
"matchCriteriaId": "040A6307-236E-4FAA-9A74-676F1DB0CF17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x47:d25:*:*:*:*:*:*",
"matchCriteriaId": "350A0F1E-1057-4A8E-AB0B-7615B3877858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E014A0D-0054-4EBA-BA1F-035B74BD822F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
"matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
"matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*",
"matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*",
"matchCriteriaId": "3C240840-A6BC-4E3D-A60D-22F08E67E2B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r8:*:*:*:*:*:*",
"matchCriteriaId": "CC90563F-6BCB-4D77-8FD4-584E3A6C7741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB7D840-9469-4CE2-8DBF-017A44741374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D3A0A607-7D3C-4F2A-B5F5-576A70649CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "32E9620A-7C0A-474C-919E-13609FFE580D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "672D3A38-92B4-4F33-82A6-B2D3F3403AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*",
"matchCriteriaId": "F5C24441-6E9D-4EF7-8903-A109A52340C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*",
"matchCriteriaId": "7CB98C4F-617F-4F51-A86E-D1EBE2BDE583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2:r6:*:*:*:*:*:*",
"matchCriteriaId": "A24E3EA6-810D-4885-8BE5-8A70E61E7589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2x51:d15:*:*:*:*:*:*",
"matchCriteriaId": "3947A516-2054-48B3-ADFD-3CF88EC2288D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2x51:d20:*:*:*:*:*:*",
"matchCriteriaId": "D0951235-4A0A-4200-A7B1-9FF4540A3755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2x51:d21:*:*:*:*:*:*",
"matchCriteriaId": "9E3A9AB1-202A-4480-8FFD-872C79325854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2x51:d25:*:*:*:*:*:*",
"matchCriteriaId": "7478F581-8A89-49D7-B9F9-E0E90BEEAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2x51:d26:*:*:*:*:*:*",
"matchCriteriaId": "28B80348-B130-4178-BFD9-4AE390E139D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2x51:d30:*:*:*:*:*:*",
"matchCriteriaId": "D1EE6518-C224-4019-8393-85893AC29898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.2x51:d35:*:*:*:*:*:*",
"matchCriteriaId": "718A304D-1DBD-4BC1-B038-2BD4755E8793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AF5DAA-62F5-491F-A9CE-098970671D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "3FF9FF91-9184-4D18-8288-9110E35F4AE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "0F2E537B-9504-4912-B231-0D83F4459469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "4BCB3837-DCBC-4997-B63E-E47957584709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:*",
"matchCriteriaId": "6C88E2B1-469B-442B-9FC0-7C9408CE3917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:r5:*:*:*:*:*:*",
"matchCriteriaId": "1FB5A368-E582-4DFD-87B4-C887DA908E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:13.3:r6:*:*:*:*:*:*",
"matchCriteriaId": "70ED0B93-2CFC-474F-B199-F78E1C67E8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "79149AA0-17D1-4522-894F-C025F7A30FD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update."
},
{
"lang": "es",
"value": "El demonio rpd en Juniper Junos OS en versiones anteriores a 12.1X44-D60, 12.1X46 en versiones anteriores a 12.1X46-D45, 12.1X47 en versiones anteriores a 12.1X47-D30, 12.3 en versiones anteriores a 12.3R9, 12.3X48 en versiones anteriores a 12.3X48-D20, 13.2 en versiones anteriores a 13.2R7, 13.2X51 en versiones anteriores a 13.2X51-D40, 13.3 en versiones anteriores a 13.3R6, 14.1 en versiones anteriores a 14.1R4 y 14.2 en versiones anteriores a 14.2R2, cuando se configura con BGP-based L2VPN o VPLS, permite a atacantes remotos provocar una deneagci\u00f3n de servicio (reinicio de demonio) a trav\u00e9s de una actualizaci\u00f3n de la familia L2VPN BGP manipulada."
}
],
"id": "CVE-2016-1270",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-15T14:59:06.130",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-WFVX-WP98-844M
Vulnerability from github – Published: 2022-05-17 03:56 – Updated: 2022-05-17 03:56
VLAI?
Details
The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2016-1270"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-04-15T14:59:00Z",
"severity": "HIGH"
},
"details": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.",
"id": "GHSA-wfvx-wp98-844m",
"modified": "2022-05-17T03:56:34Z",
"published": "2022-05-17T03:56:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1270"
},
{
"type": "WEB",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
VAR-201604-0056
Vulnerability from variot - Updated: 2025-04-13 23:09The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. Juniper Junos is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. The following versions are affected: Juniper Networks Junos OS prior to 12.1X44-D60, 12.1X46 prior to 12.1X46-D45, 12.1X47 prior to 12.1X47-D30, 12.3 prior to 12.3R9, 12.3X48 prior to 12.3X48-D20, 13.2 Version 13.2 before R7, version 13.2X51 before 13.2X51-D40, version 13.3 before 13.3R6, version 14.1 before 14.1R4, version 14.2 before 14.2R2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0056",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "junos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "14.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "13.2x51"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "12.3x48"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "13.3r6"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "13.2x51-d40"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "12.3x48-d20"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "14.2"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "14.2r2"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "13.2r7"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "13.2x51"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "12.1x46-d45"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "12.3x48"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "12.3r9"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "14.1r4"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "12.1x47-d30"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "12.1x47"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
},
{
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:juniper:junos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "86030"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1270",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1270",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-90089",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1270",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1270",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1270",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-296",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90089",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90089"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
},
{
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. Juniper Junos is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company\u0027s hardware systems. The operating system provides a secure programming interface and Junos SDK. The following versions are affected: Juniper Networks Junos OS prior to 12.1X44-D60, 12.1X46 prior to 12.1X46-D45, 12.1X47 prior to 12.1X47-D30, 12.3 prior to 12.3R9, 12.3X48 prior to 12.3X48-D20, 13.2 Version 13.2 before R7, version 13.2X51 before 13.2X51-D40, version 13.3 before 13.3R6, version 14.1 before 14.1R4, version 14.2 before 14.2R2",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1270"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "BID",
"id": "86030"
},
{
"db": "VULHUB",
"id": "VHN-90089"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1270",
"trust": 2.8
},
{
"db": "JUNIPER",
"id": "JSA10737",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002147",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-296",
"trust": 0.7
},
{
"db": "BID",
"id": "86030",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90089",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90089"
},
{
"db": "BID",
"id": "86030"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
},
{
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"id": "VAR-201604-0056",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90089"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:09:38.488000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10737",
"trust": 0.8,
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
},
{
"title": "Juniper Networks Junos OS Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60956"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-19",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90089"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10737"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1270"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1270"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10737\u0026actp=rss"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10737"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90089"
},
{
"db": "BID",
"id": "86030"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
},
{
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90089"
},
{
"db": "BID",
"id": "86030"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
},
{
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-15T00:00:00",
"db": "VULHUB",
"id": "VHN-90089"
},
{
"date": "2016-04-13T00:00:00",
"db": "BID",
"id": "86030"
},
{
"date": "2016-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"date": "2016-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-296"
},
{
"date": "2016-04-15T14:59:06.130000",
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-20T00:00:00",
"db": "VULHUB",
"id": "VHN-90089"
},
{
"date": "2016-04-13T00:00:00",
"db": "BID",
"id": "86030"
},
{
"date": "2016-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002147"
},
{
"date": "2016-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-296"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-1270"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper Junos OS of rpd Service disruption in daemon (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002147"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-296"
}
],
"trust": 0.6
}
}
CNVD-2016-02326
Vulnerability from cnvd - Published: 2016-04-19
VLAI Severity ?
Title
Juniper Networks Junos OS BGP 'family l2vpn' UPDATE拒绝服务漏洞
Description
Juniper Networks Junos OS是一套专用于该公司的硬件系统的网络操作系统。
Juniper Networks Junos OS 使用BGP based L2VPN和VPLS配置时存在安全漏洞,允许远程攻击者可利用该漏洞可提交BGP 'family l2vpn' UPDATE消息进行拒绝服务攻击。
Severity
中
Patch Name
Juniper Networks Junos OS BGP ‘family l2vpn’ UPDATE拒绝服务漏洞的补丁
Patch Description
Juniper Networks Junos OS是一套专用于该公司的硬件系统的网络操作系统。
Juniper Networks Junos OS 使用BGP based L2VPN和VPLS配置时存在安全漏洞,允许远程攻击者可利用该漏洞可提交BGP ‘family l2vpn’ UPDATE消息进行拒绝服务攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10737&actp=search
Reference
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10737&actp=search
Impacted products
| Name | ['Juniper Networks Junos OS 12.3(<12.3R9)', 'Juniper Networks Junos OS 13.2(<13.2R7)', 'Juniper Networks Junos OS 13.3(<13.3R6)', 'Juniper Networks Junos OS 14.1(<14.1R4)', 'Juniper Networks Junos OS 14.2(<14.2R2)', 'Juniper Networks Junos OS 12.1X47(<12.1X47-D30)', 'Juniper Networks Junos OS 12.1X48(<12.3X48-D20)', 'Juniper Networks Junos OS 13.2X51(<13.2X51-D40)', 'Juniper Networks Junos OS <12.1X44-D60'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-1270"
}
},
"description": "Juniper Networks Junos OS\u662f\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nJuniper Networks Junos OS \u4f7f\u7528BGP based L2VPN\u548cVPLS\u914d\u7f6e\u65f6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u63d0\u4ea4BGP \u0027family l2vpn\u0027 UPDATE\u6d88\u606f\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
"discovererName": "Juniper Networks",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737\u0026actp=search",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-02326",
"openTime": "2016-04-19",
"patchDescription": "Juniper Networks Junos OS\u662f\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nJuniper Networks Junos OS \u4f7f\u7528BGP based L2VPN\u548cVPLS\u914d\u7f6e\u65f6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u63d0\u4ea4BGP \u2018family l2vpn\u2019 UPDATE\u6d88\u606f\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Juniper Networks Junos OS BGP \u2018family l2vpn\u2019 UPDATE\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Juniper Networks Junos OS 12.3(\u003c12.3R9)",
"Juniper Networks Junos OS 13.2(\u003c13.2R7)",
"Juniper Networks Junos OS 13.3(\u003c13.3R6)",
"Juniper Networks Junos OS 14.1(\u003c14.1R4)",
"Juniper Networks Junos OS 14.2(\u003c14.2R2)",
"Juniper Networks Junos OS 12.1X47(\u003c12.1X47-D30)",
"Juniper Networks Junos OS 12.1X48(\u003c12.3X48-D20)",
"Juniper Networks Junos OS 13.2X51(\u003c13.2X51-D40)",
"Juniper Networks Junos OS \u003c12.1X44-D60"
]
},
"referenceLink": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737\u0026actp=search",
"serverity": "\u4e2d",
"submitTime": "2016-04-16",
"title": "Juniper Networks Junos OS BGP \u0027family l2vpn\u0027 UPDATE\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
GSD-2016-1270
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-1270",
"description": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.",
"id": "GSD-2016-1270"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-1270"
],
"details": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update.",
"id": "GSD-2016-1270",
"modified": "2023-12-13T01:21:24.292978Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.3:r6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.3:r5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2:r4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2x51:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2x51:d26:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2x51:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2x51:d21:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.3:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2x51:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2:r5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:*:d55:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1x44",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.3:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2x51:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2x51:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:13.2:r6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1270"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM"
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2016-04-20T19:19Z",
"publishedDate": "2016-04-15T14:59Z"
}
}
}
CERTFR-2016-AVI-128
Vulnerability from certfr_avis - Published: 2016-04-14 - Updated: 2016-04-14
De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3X48-D30 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X44-D60 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1F2 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1R6 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.2R7 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.2R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X49-D10 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.3R9 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1X53-D30 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X47-D35 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1R2 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.2R2 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X47-D30 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X49-D20 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.2X51-D39 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1R1 | ||
| Juniper Networks | N/A | CTPOS versions antérieures à 7.2R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.3R7 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X49-D30 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R11 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.2X51-D40 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.2R4 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 15.2R1 | ||
| Juniper Networks | N/A | ScreenOS versions antérieures à 6.3.0r22 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1F5 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.2R4-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R9 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3X48-D20 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.2R6 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1R7 | ||
| Juniper Networks | N/A | CTPOS versions antérieures à 7.1R2 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D45 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X49-D40 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 16.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D40 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X47-D25 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.3R8 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.2R5 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.2X52-D30 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X44-D55 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3X50-D50 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 14.1R4 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.3R6 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.2R8 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3X48-D25 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X53-D20 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X49-D15 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 13.2R9 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3X48-D30",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X44-D60",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1F2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.2R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X49-D10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.3R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D30",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X47-D35",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X47-D30",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X49-D20",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.2X51-D39",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPOS versions ant\u00e9rieures \u00e0 7.2R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.3R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X49-D30",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R11",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.2X51-D40",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 15.2R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "ScreenOS versions ant\u00e9rieures \u00e0 6.3.0r22",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1F5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R4-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3X48-D20",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPOS versions ant\u00e9rieures \u00e0 7.1R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D45",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X49-D40",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 16.1R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D40",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X47-D25",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.3R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.2R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.2X52-D30",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X44-D55",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3X50-D50",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 14.1R4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.3R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3X48-D25",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X53-D20",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X49-D15",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 13.2R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-1270",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1270"
},
{
"name": "CVE-2015-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3153"
},
{
"name": "CVE-2013-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1667"
},
{
"name": "CVE-2016-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1269"
},
{
"name": "CVE-2015-3183",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3183"
},
{
"name": "CVE-2015-1791",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1791"
},
{
"name": "CVE-2012-5526",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5526"
},
{
"name": "CVE-2015-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
},
{
"name": "CVE-2016-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0777"
},
{
"name": "CVE-2015-2613",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2613"
},
{
"name": "CVE-2015-4749",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4749"
},
{
"name": "CVE-2016-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1268"
},
{
"name": "CVE-2015-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
},
{
"name": "CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"name": "CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"name": "CVE-2008-2827",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2827"
},
{
"name": "CVE-2016-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1273"
},
{
"name": "CVE-2010-1168",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1168"
},
{
"name": "CVE-2014-8151",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8151"
},
{
"name": "CVE-2015-4000",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4000"
},
{
"name": "CVE-2016-1261",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1261"
},
{
"name": "CVE-2015-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1789"
},
{
"name": "CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"name": "CVE-2005-0448",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0448"
},
{
"name": "CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"name": "CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"name": "CVE-2010-2761",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
},
{
"name": "CVE-2012-5195",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
},
{
"name": "CVE-2010-3172",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3172"
},
{
"name": "CVE-2012-6329",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6329"
},
{
"name": "CVE-2004-0452",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0452"
},
{
"name": "CVE-2008-5302",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5302"
},
{
"name": "CVE-2013-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4449"
},
{
"name": "CVE-2010-4410",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
},
{
"name": "CVE-2016-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1271"
},
{
"name": "CVE-2015-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3145"
},
{
"name": "CVE-2015-3144",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3144"
},
{
"name": "CVE-2015-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2625"
},
{
"name": "CVE-2008-5303",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5303"
},
{
"name": "CVE-2014-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3620"
},
{
"name": "CVE-2011-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
},
{
"name": "CVE-2015-2659",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2659"
},
{
"name": "CVE-2010-0212",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
},
{
"name": "CVE-2016-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1274"
},
{
"name": "CVE-2011-1024",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1024"
},
{
"name": "CVE-2016-1267",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1267"
},
{
"name": "CVE-2015-2601",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2601"
},
{
"name": "CVE-2016-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1264"
},
{
"name": "CVE-2015-4748",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4748"
},
{
"name": "CVE-2014-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0015"
},
{
"name": "CVE-2015-1790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1790"
},
{
"name": "CVE-2016-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0778"
}
],
"initial_release_date": "2016-04-14T00:00:00",
"last_revision_date": "2016-04-14T00:00:00",
"links": [],
"reference": "CERTFR-2016-AVI-128",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10732 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10732\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10733 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10733\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10747 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10747\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10739 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10739\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10734 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10734\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10743 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10743\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10725 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10725\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10746 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10746\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10736 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10736\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10730 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10730\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10737 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10737\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10735 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10723 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10723\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10727 du 13 avril 2016",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…