cvelistv5 - cve-2016-4925

CVE-2016-4925 (GCVE-0-2016-4925)

Vulnerability from cvelistv5 – Published: 2017-10-13 17:00 – Updated: 2024-09-16 20:47

Summary

Severity ?

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

denial of service

Assigner

juniper

References

URL

Tags

	https://kb.juniper.net/JSA10767	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037012	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/93533	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Juniper Networks	JunosE	Affected: 10.3 prior to 10.3.3p0-15 Affected: 12.3 prior to 12.3.3p0-6 Affected: 13.3 prior to 13.3.3p0-1 Affected: 14.3 prior to 14.3.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:46:39.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10767"
          },
          {
            "name": "1037012",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037012"
          },
          {
            "name": "93533",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93533"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "JunosE",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "10.3 prior to 10.3.3p0-15"
            },
            {
              "status": "affected",
              "version": "12.3 prior to 12.3.3p0-6"
            },
            {
              "status": "affected",
              "version": "13.3 prior to 13.3.3p0-1"
            },
            {
              "status": "affected",
              "version": "14.3 prior to 14.3.2"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue only affects E Series routers with IPv6 licensed and enabled.  Routers not configured to process IPv6 traffic are unaffected by this vulnerability."
        }
      ],
      "datePublic": "2016-10-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-14T09:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10767"
        },
        {
          "name": "1037012",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037012"
        },
        {
          "name": "93533",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93533"
        }
      ],
      "title": "JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet",
      "workarounds": [
        {
          "lang": "en",
          "value": "No known workaround exists for this issue."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2016-10-12T09:00",
          "ID": "CVE-2016-4925",
          "STATE": "PUBLIC",
          "TITLE": "JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "JunosE",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_value": "10.3 prior to 10.3.3p0-15"
                          },
                          {
                            "platform": "",
                            "version_value": "12.3 prior to 12.3.3p0-6"
                          },
                          {
                            "platform": "",
                            "version_value": "13.3 prior to 13.3.3p0-1"
                          },
                          {
                            "platform": "",
                            "version_value": "14.3 prior to 14.3.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue only affects E Series routers with IPv6 licensed and enabled.  Routers not configured to process IPv6 traffic are unaffected by this vulnerability."
          }
        ],
        "credit": [],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue."
            }
          ]
        },
        "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10767",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10767"
            },
            {
              "name": "1037012",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037012"
            },
            {
              "name": "93533",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93533"
            }
          ]
        },
        "solution": "JUNOSe releases containing the fix specifically include: 10.3.3p0-15, 12.3.3p0-6, 13.3.3p0-1, 14.3.2, 15.1.0, and all subsequent releases.  Hotfixes are also available upon request.\n\nThis issue is being tracked as CQ 97413 and is visible on the Customer Support website.",
        "work_around": [
          {
            "lang": "en",
            "value": "No known workaround exists for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2016-4925",
    "datePublished": "2017-10-13T17:00:00Z",
    "dateReserved": "2016-05-18T00:00:00",
    "dateUpdated": "2024-09-16T20:47:49.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.3\", \"versionEndIncluding\": \"10.3.3\", \"matchCriteriaId\": \"1002930D-68F6-4A60-811C-2BF689BAC905\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.3.0\", \"versionEndIncluding\": \"12.3.3\", \"matchCriteriaId\": \"2F9CF432-FD66-4C5D-9388-BA4E913FF823\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.3.0\", \"versionEndIncluding\": \"13.3.3\", \"matchCriteriaId\": \"893A024E-6073-4E4E-9371-39D7BA12BD4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.3.0\", \"versionEndIncluding\": \"14.3.1\", \"matchCriteriaId\": \"4839563A-F732-4DDC-B39E-B4A9D5B32790\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.\"}, {\"lang\": \"es\", \"value\": \"La recepci\\u00f3n de un paquete IPv6 especialmente mal formado y procesado por el router podr\\u00eda provocar que una tarjeta de l\\u00ednea se reinicie: processor exception 0x68616c74 (halt) in task: scheduler. La tarjeta de red se reiniciar y recupera sin la interacci\\u00f3n del usuario. Sin embargo, los paquetes espec\\u00edficamente mal formados adicionales podr\\u00edan causar reinicios continuados de la tarjeta de l\\u00ednea y causar que el servicio no est\\u00e9 disponible por un periodo extendido de tiempo. Este problema solo afecta a los routers de la serie E con IPv6 en licencia y activado. Los routers no configurados para procesar tr\\u00e1fico IPv6 no se ven afectados por esta vulnerabilidad. Juniper SIRT no conoce ninguna explotaci\\u00f3n maliciosa de esta vulnerabilidad. No hay ning\\u00fan otro producto o plataforma de Juniper Networks que se vea afectado por este problema.\"}]",
      "id": "CVE-2016-4925",
      "lastModified": "2024-11-21T02:53:14.913",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-10-13T17:29:00.427",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/93533\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037012\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10767\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93533\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037012\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10767\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-19\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4925\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2017-10-13T17:29:00.427\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.\"},{\"lang\":\"es\",\"value\":\"La recepci\u00f3n de un paquete IPv6 especialmente mal formado y procesado por el router podr\u00eda provocar que una tarjeta de l\u00ednea se reinicie: processor exception 0x68616c74 (halt) in task: scheduler. La tarjeta de red se reiniciar y recupera sin la interacci\u00f3n del usuario. Sin embargo, los paquetes espec\u00edficamente mal formados adicionales podr\u00edan causar reinicios continuados de la tarjeta de l\u00ednea y causar que el servicio no est\u00e9 disponible por un periodo extendido de tiempo. Este problema solo afecta a los routers de la serie E con IPv6 en licencia y activado. Los routers no configurados para procesar tr\u00e1fico IPv6 no se ven afectados por esta vulnerabilidad. Juniper SIRT no conoce ninguna explotaci\u00f3n maliciosa de esta vulnerabilidad. No hay ning\u00fan otro producto o plataforma de Juniper Networks que se vea afectado por este problema.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-19\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\",\"versionEndIncluding\":\"10.3.3\",\"matchCriteriaId\":\"1002930D-68F6-4A60-811C-2BF689BAC905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.3.0\",\"versionEndIncluding\":\"12.3.3\",\"matchCriteriaId\":\"2F9CF432-FD66-4C5D-9388-BA4E913FF823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.3.0\",\"versionEndIncluding\":\"13.3.3\",\"matchCriteriaId\":\"893A024E-6073-4E4E-9371-39D7BA12BD4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.3.0\",\"versionEndIncluding\":\"14.3.1\",\"matchCriteriaId\":\"4839563A-F732-4DDC-B39E-B4A9D5B32790\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/93533\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037012\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10767\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93533\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10767\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2016-AVI-344

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Junos OS avec J-Web activé versions antérieures à 12.1X44-D60, 12.1X46-D40, 12.1X47-D30, 12.3R11, 12.3X48-D20, 13.2X51-D39, 13.2X51-D40, 13.3R9, 14.1R6, 14.2R6, 15.1R3, 15.1X49-D20 et 16.1R1
Juniper Networks	Junos OS	Junos OS avec IPv6 versions antérieures à 11.4R13, 12.1X44-D45, 12.1X46-D30, 12.1X47-D20, 12.3R9 et 13.3R5
Juniper Networks	N/A	vMX versions antérieures à 14.1R8, 15.1F6 et 16.1
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.1X46-D60, 12.1X47-D45, 12.3R12, 12.3X48-D35, 13.2R9, 13.3R9, 14.1R7, 14.1X53-D40, 14.1X55-D35, 14.2R5, 15.1F4, 15.1R3, 15.1X49-D60, 15.1X53-D70, 16.1R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10763 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10764 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10766 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10762 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10761 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10760 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10767 du 13 octobre 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 12.1X44-D60, 12.1X46-D40, 12.1X47-D30, 12.3R11, 12.3X48-D20, 13.2X51-D39, 13.2X51-D40, 13.3R9, 14.1R6, 14.2R6, 15.1R3, 15.1X49-D20 et 16.1R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS avec IPv6 versions ant\u00e9rieures \u00e0 11.4R13, 12.1X44-D45, 12.1X46-D30, 12.1X47-D20, 12.3R9 et 13.3R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "vMX versions ant\u00e9rieures \u00e0 14.1R8, 15.1F6 et 16.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D60, 12.1X47-D45, 12.3R12, 12.3X48-D35, 13.2R9, 13.3R9, 14.1R7, 14.1X53-D40, 14.1X55-D35, 14.2R5, 15.1F4, 15.1R3, 15.1X49-D60, 15.1X53-D70, 16.1R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4926"
    },
    {
      "name": "CVE-2013-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1741"
    },
    {
      "name": "CVE-2013-5606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5606"
    },
    {
      "name": "CVE-2011-2749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2749"
    },
    {
      "name": "CVE-2013-1620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1620"
    },
    {
      "name": "CVE-2015-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
    },
    {
      "name": "CVE-2016-4925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4925"
    },
    {
      "name": "CVE-2016-4931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4931"
    },
    {
      "name": "CVE-2013-1739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1739"
    },
    {
      "name": "CVE-2013-5605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5605"
    },
    {
      "name": "CVE-2016-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4921"
    },
    {
      "name": "CVE-2013-5607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5607"
    },
    {
      "name": "CVE-2013-0791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0791"
    },
    {
      "name": "CVE-2015-3194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3194"
    },
    {
      "name": "CVE-2016-4927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4927"
    },
    {
      "name": "CVE-2014-1491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1491"
    },
    {
      "name": "CVE-2014-1492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1492"
    },
    {
      "name": "CVE-2016-4928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4928"
    },
    {
      "name": "CVE-2013-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
    },
    {
      "name": "CVE-2016-4922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4922"
    },
    {
      "name": "CVE-2014-1568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
    },
    {
      "name": "CVE-2011-2748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2748"
    },
    {
      "name": "CVE-2015-1794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1794"
    },
    {
      "name": "CVE-2015-5366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
    },
    {
      "name": "CVE-2014-1490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1490"
    },
    {
      "name": "CVE-2011-0997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0997"
    },
    {
      "name": "CVE-2016-4924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4924"
    },
    {
      "name": "CVE-2015-3193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
    },
    {
      "name": "CVE-2015-5364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2012-3571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3571"
    },
    {
      "name": "CVE-2015-3196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3196"
    },
    {
      "name": "CVE-2016-4929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4929"
    },
    {
      "name": "CVE-2016-4930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4930"
    },
    {
      "name": "CVE-2015-2151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2151"
    },
    {
      "name": "CVE-2014-1545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1545"
    },
    {
      "name": "CVE-2016-4923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4923"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-344",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10763 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10763\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10764 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10764\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10766 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10766\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10762 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10762\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10761 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10760 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10760\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10767 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10767\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2016-AVI-344

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Junos OS avec J-Web activé versions antérieures à 12.1X44-D60, 12.1X46-D40, 12.1X47-D30, 12.3R11, 12.3X48-D20, 13.2X51-D39, 13.2X51-D40, 13.3R9, 14.1R6, 14.2R6, 15.1R3, 15.1X49-D20 et 16.1R1
Juniper Networks	Junos OS	Junos OS avec IPv6 versions antérieures à 11.4R13, 12.1X44-D45, 12.1X46-D30, 12.1X47-D20, 12.3R9 et 13.3R5
Juniper Networks	N/A	vMX versions antérieures à 14.1R8, 15.1F6 et 16.1
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.1X46-D60, 12.1X47-D45, 12.3R12, 12.3X48-D35, 13.2R9, 13.3R9, 14.1R7, 14.1X53-D40, 14.1X55-D35, 14.2R5, 15.1F4, 15.1R3, 15.1X49-D60, 15.1X53-D70, 16.1R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10763 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10764 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10766 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10762 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10761 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10760 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10767 du 13 octobre 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 12.1X44-D60, 12.1X46-D40, 12.1X47-D30, 12.3R11, 12.3X48-D20, 13.2X51-D39, 13.2X51-D40, 13.3R9, 14.1R6, 14.2R6, 15.1R3, 15.1X49-D20 et 16.1R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS avec IPv6 versions ant\u00e9rieures \u00e0 11.4R13, 12.1X44-D45, 12.1X46-D30, 12.1X47-D20, 12.3R9 et 13.3R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "vMX versions ant\u00e9rieures \u00e0 14.1R8, 15.1F6 et 16.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D60, 12.1X47-D45, 12.3R12, 12.3X48-D35, 13.2R9, 13.3R9, 14.1R7, 14.1X53-D40, 14.1X55-D35, 14.2R5, 15.1F4, 15.1R3, 15.1X49-D60, 15.1X53-D70, 16.1R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4926"
    },
    {
      "name": "CVE-2013-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1741"
    },
    {
      "name": "CVE-2013-5606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5606"
    },
    {
      "name": "CVE-2011-2749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2749"
    },
    {
      "name": "CVE-2013-1620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1620"
    },
    {
      "name": "CVE-2015-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
    },
    {
      "name": "CVE-2016-4925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4925"
    },
    {
      "name": "CVE-2016-4931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4931"
    },
    {
      "name": "CVE-2013-1739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1739"
    },
    {
      "name": "CVE-2013-5605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5605"
    },
    {
      "name": "CVE-2016-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4921"
    },
    {
      "name": "CVE-2013-5607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5607"
    },
    {
      "name": "CVE-2013-0791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0791"
    },
    {
      "name": "CVE-2015-3194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3194"
    },
    {
      "name": "CVE-2016-4927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4927"
    },
    {
      "name": "CVE-2014-1491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1491"
    },
    {
      "name": "CVE-2014-1492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1492"
    },
    {
      "name": "CVE-2016-4928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4928"
    },
    {
      "name": "CVE-2013-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
    },
    {
      "name": "CVE-2016-4922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4922"
    },
    {
      "name": "CVE-2014-1568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
    },
    {
      "name": "CVE-2011-2748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2748"
    },
    {
      "name": "CVE-2015-1794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1794"
    },
    {
      "name": "CVE-2015-5366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
    },
    {
      "name": "CVE-2014-1490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1490"
    },
    {
      "name": "CVE-2011-0997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0997"
    },
    {
      "name": "CVE-2016-4924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4924"
    },
    {
      "name": "CVE-2015-3193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
    },
    {
      "name": "CVE-2015-5364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2012-3571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3571"
    },
    {
      "name": "CVE-2015-3196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3196"
    },
    {
      "name": "CVE-2016-4929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4929"
    },
    {
      "name": "CVE-2016-4930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4930"
    },
    {
      "name": "CVE-2015-2151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2151"
    },
    {
      "name": "CVE-2014-1545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1545"
    },
    {
      "name": "CVE-2016-4923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4923"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-344",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10763 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10763\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10764 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10764\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10766 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10766\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10762 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10762\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10761 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10760 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10760\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10767 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10767\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GSD-2016-4925

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-4925

Aliases

CVE-2016-4925

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-4925",
    "description": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.",
    "id": "GSD-2016-4925"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-4925"
      ],
      "details": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.",
      "id": "GSD-2016-4925",
      "modified": "2023-12-13T01:21:18.790982Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2016-10-12T09:00",
        "ID": "CVE-2016-4925",
        "STATE": "PUBLIC",
        "TITLE": "JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "JunosE",
                    "version": {
                      "version_data": [
                        {
                          "platform": "",
                          "version_value": "10.3 prior to 10.3.3p0-15"
                        },
                        {
                          "platform": "",
                          "version_value": "12.3 prior to 12.3.3p0-6"
                        },
                        {
                          "platform": "",
                          "version_value": "13.3 prior to 13.3.3p0-1"
                        },
                        {
                          "platform": "",
                          "version_value": "14.3 prior to 14.3.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "This issue only affects E Series routers with IPv6 licensed and enabled.  Routers not configured to process IPv6 traffic are unaffected by this vulnerability."
        }
      ],
      "credit": [],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue."
          }
        ]
      },
      "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "denial of service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA10767",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA10767"
          },
          {
            "name": "1037012",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037012"
          },
          {
            "name": "93533",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93533"
          }
        ]
      },
      "solution": "JUNOSe releases containing the fix specifically include: 10.3.3p0-15, 12.3.3p0-6, 13.3.3p0-1, 14.3.2, 15.1.0, and all subsequent releases.  Hotfixes are also available upon request.\n\nThis issue is being tracked as CQ 97413 and is visible on the Customer Support website.",
      "work_around": [
        {
          "lang": "eng",
          "value": "No known workaround exists for this issue."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "13.3.3",
                "versionStartIncluding": "13.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "14.3.1",
                "versionStartIncluding": "14.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.3.3",
                "versionStartIncluding": "12.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.3.3",
                "versionStartIncluding": "10.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2016-4925"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-19"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10767",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10767"
            },
            {
              "name": "1037012",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1037012"
            },
            {
              "name": "93533",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/93533"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:18Z",
      "publishedDate": "2017-10-13T17:29Z"
    }
  }
}

FKIE_CVE-2016-4925

Vulnerability from fkie_nvd - Published: 2017-10-13 17:29 - Updated: 2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
sirt@juniper.net	http://www.securityfocus.com/bid/93533	Third Party Advisory, VDB Entry
sirt@juniper.net	http://www.securitytracker.com/id/1037012	Third Party Advisory, VDB Entry
sirt@juniper.net	https://kb.juniper.net/JSA10767	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93533	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037012	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10767	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junose	*
juniper	junose	*
juniper	junose	*
juniper	junose	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1002930D-68F6-4A60-811C-2BF689BAC905",
              "versionEndIncluding": "10.3.3",
              "versionStartIncluding": "10.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F9CF432-FD66-4C5D-9388-BA4E913FF823",
              "versionEndIncluding": "12.3.3",
              "versionStartIncluding": "12.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "893A024E-6073-4E4E-9371-39D7BA12BD4A",
              "versionEndIncluding": "13.3.3",
              "versionStartIncluding": "13.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4839563A-F732-4DDC-B39E-B4A9D5B32790",
              "versionEndIncluding": "14.3.1",
              "versionStartIncluding": "14.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue."
    },
    {
      "lang": "es",
      "value": "La recepci\u00f3n de un paquete IPv6 especialmente mal formado y procesado por el router podr\u00eda provocar que una tarjeta de l\u00ednea se reinicie: processor exception 0x68616c74 (halt) in task: scheduler. La tarjeta de red se reiniciar y recupera sin la interacci\u00f3n del usuario. Sin embargo, los paquetes espec\u00edficamente mal formados adicionales podr\u00edan causar reinicios continuados de la tarjeta de l\u00ednea y causar que el servicio no est\u00e9 disponible por un periodo extendido de tiempo. Este problema solo afecta a los routers de la serie E con IPv6 en licencia y activado. Los routers no configurados para procesar tr\u00e1fico IPv6 no se ven afectados por esta vulnerabilidad. Juniper SIRT no conoce ninguna explotaci\u00f3n maliciosa de esta vulnerabilidad. No hay ning\u00fan otro producto o plataforma de Juniper Networks que se vea afectado por este problema."
    }
  ],
  "id": "CVE-2016-4925",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-13T17:29:00.427",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93533"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037012"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/93533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10767"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201710-0044

Vulnerability from variot - Updated: 2023-12-18 12:29

Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. JUNOSe Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to cause a denial-of-service condition. Juniper E Series routers is a router device of Juniper Networks (Juniper Networks)

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201710-0044",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junose",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "14.3.1"
      },
      {
        "model": "junose",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "13.3.3"
      },
      {
        "model": "junose",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "12.3.3"
      },
      {
        "model": "junose",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "13.3.0"
      },
      {
        "model": "junose",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "14.3.0"
      },
      {
        "model": "junose",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "12.3.0"
      },
      {
        "model": "junose",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "10.3.3"
      },
      {
        "model": "junose",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "10.3"
      },
      {
        "model": "junose",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junose",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "10.3.3"
      },
      {
        "model": "junose",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "14.3.1"
      },
      {
        "model": "junose",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "12.3.3"
      },
      {
        "model": "junose",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "13.3.3"
      },
      {
        "model": "junose",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "0"
      },
      {
        "model": "junose",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "15.1"
      },
      {
        "model": "junose",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "14.3.2"
      },
      {
        "model": "junose 13.3.3p0-1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junose 12.3.3p0-6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junose 10.3.3p0-15",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "93533"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "13.3.3",
                "versionStartIncluding": "13.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "14.3.1",
                "versionStartIncluding": "14.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.3.3",
                "versionStartIncluding": "12.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.3.3",
                "versionStartIncluding": "10.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "93533"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-4925",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-4925",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-93744",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-4925",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-4925",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "sirt@juniper.net",
            "id": "CVE-2016-4925",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201710-521",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-93744",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93744"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. JUNOSe Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. \nAn attacker can exploit this issue to cause a denial-of-service condition. Juniper E Series routers is a router device of Juniper Networks (Juniper Networks)",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "BID",
        "id": "93533"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93744"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-4925",
        "trust": 2.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA10767",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "93533",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1037012",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-93744",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93744"
      },
      {
        "db": "BID",
        "id": "93533"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "id": "VAR-201710-0044",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93744"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:29:23.504000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10767",
        "trust": 0.8,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10767\u0026actp=metadata"
      },
      {
        "title": "Juniper E Series Repair measures for router security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75557"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-19",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93744"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/93533"
      },
      {
        "trust": 1.7,
        "url": "https://kb.juniper.net/jsa10767"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1037012"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4925"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4925"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.3,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10767\u0026cat=sirt_1\u0026actp=list"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93744"
      },
      {
        "db": "BID",
        "id": "93533"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-93744"
      },
      {
        "db": "BID",
        "id": "93533"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-93744"
      },
      {
        "date": "2016-10-12T00:00:00",
        "db": "BID",
        "id": "93533"
      },
      {
        "date": "2017-11-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "date": "2017-10-13T17:29:00.427000",
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "date": "2017-10-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-93744"
      },
      {
        "date": "2016-10-26T11:05:00",
        "db": "BID",
        "id": "93533"
      },
      {
        "date": "2017-11-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      },
      {
        "date": "2019-10-09T23:18:37.830000",
        "db": "NVD",
        "id": "CVE-2016-4925"
      },
      {
        "date": "2019-07-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "JUNOSe Data processing vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-008837"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201710-521"
      }
    ],
    "trust": 0.6
  }
}

GHSA-F525-2G8W-9HWV

Vulnerability from github – Published: 2022-05-13 01:38 – Updated: 2022-05-13 01:38

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-4925"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-13T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.",
  "id": "GHSA-f525-2g8w-9hwv",
  "modified": "2022-05-13T01:38:48Z",
  "published": "2022-05-13T01:38:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4925"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10767"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93533"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037012"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2016-09596

Vulnerability from cnvd - Published: 2016-10-20

Title

Juniper Junos拒绝服务漏洞（CNVD-2016-09596）

Description

Juniper Junos是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Junos存在拒绝服务漏洞，攻击者可以通过该漏洞造成拒绝服务攻击。

Severity

中

Patch Name

Juniper Junos拒绝服务漏洞（CNVD-2016-09596）的补丁

Patch Description

Juniper Junos是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Junos存在拒绝服务漏洞，攻击者可以通过该漏洞造成拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10767&cat=SIRT_1&actp=LIST

Reference

http://www.securityfocus.com/bid/93533

Impacted products

Name
Juniper Networks Juniper Junos

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "93533"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4925"
    }
  },
  "description": "Juniper Junos\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002 \r\n\r\nJuniper Junos\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Juniper Networks",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a \r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10767\u0026cat=SIRT_1\u0026actp=LIST",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-09596",
  "openTime": "2016-10-20",
  "patchDescription": "Juniper Junos\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002 \r\n\r\nJuniper Junos\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Junos\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09596\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Juniper Networks Juniper Junos"
  },
  "referenceLink": "http://www.securityfocus.com/bid/93533",
  "serverity": "\u4e2d",
  "submitTime": "2016-10-14",
  "title": "Juniper Junos\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09596\uff09"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-4925 (GCVE-0-2016-4925)

CERTFR-2016-AVI-344

Solution

CERTFR-2016-AVI-344

Solution

GSD-2016-4925

FKIE_CVE-2016-4925

VAR-201710-0044

GHSA-F525-2G8W-9HWV

CNVD-2016-09596

Tags

Sightings

Nomenclature