CVE-2016-1257 - Vulnerability Details

The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D28, 14.1X53 before 4.1X53-D35, 14.2R1 before 14.2R5, 14.2R3 before 14.2R3-S4, 14.2R4 before 14.2R4-S1, 15.1 before 15.1R3, 15.1F2 before 15.1F2-S2, and 15.1X49 before 15.1X49-D40, when LDP is enabled, allows remote attackers to cause a denial of service (RPD routing process crash) via a crafted LDP packet.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Junos

Configuration 1 [-]

OR	cpe:2.3:o:juniper:junos:13.2:r5::::::
	cpe:2.3:o:juniper:junos:13.2:r6::::::
	cpe:2.3:o:juniper:junos:13.2:r7::::::
	cpe:2.3:o:juniper:junos:13.2:r7-s1::::::
	cpe:2.3:o:juniper:junos:13.2:r7-s2::::::
	cpe:2.3:o:juniper:junos:13.3:r1::::::
	cpe:2.3:o:juniper:junos:13.3:r2::::::
	cpe:2.3:o:juniper:junos:13.3:r3::::::
	cpe:2.3:o:juniper:junos:13.3:r4::::::
	cpe:2.3:o:juniper:junos:13.3:r5::::::
	cpe:2.3:o:juniper:junos:13.3:r6::::::
	cpe:2.3:o:juniper:junos:13.3:r7::::::
	cpe:2.3:o:juniper:junos:14.1:r1::::::
	cpe:2.3:o:juniper:junos:14.1:r2::::::
	cpe:2.3:o:juniper:junos:14.1:r3::::::
	cpe:2.3:o:juniper:junos:14.1:r4::::::
	cpe:2.3:o:juniper:junos:14.1:r5::::::
	cpe:2.3:o:juniper:junos:14.1x51:::::::*
	cpe:2.3:o:juniper:junos:14.1x51:d60::::::
	cpe:2.3:o:juniper:junos:14.1x53:::::::*
	cpe:2.3:o:juniper:junos:14.1x53:d10::::::
	cpe:2.3:o:juniper:junos:14.1x53:d15::::::
	cpe:2.3:o:juniper:junos:14.1x53:d25::::::
	cpe:2.3:o:juniper:junos:14.1x53:d26::::::
	cpe:2.3:o:juniper:junos:14.2:r1::::::
	cpe:2.3:o:juniper:junos:14.2:r2::::::
	cpe:2.3:o:juniper:junos:14.2:r3::::::
	cpe:2.3:o:juniper:junos:14.2:r4::::::
	cpe:2.3:o:juniper:junos:15.1:::::::*
	cpe:2.3:o:juniper:junos:15.1:f2::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s1::::::
	cpe:2.3:o:juniper:junos:15.1:r1::::::
	cpe:2.3:o:juniper:junos:15.1:r2::::::
	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
	cpe:2.3:o:juniper:junos:15.1x49:d20::::::

No data.

References

Link	Providers
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10715
http://www.securitytracker.com/id/1035117

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-01-15T19:00:00

Updated: 2024-08-05T22:48:13.782Z

Reserved: 2015-12-30T00:00:00

Link: CVE-2016-1257

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-01-15T19:59:06.210

Modified: 2024-11-21T02:46:03.120

Link: CVE-2016-1257

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object