VAR-201710-0044
Vulnerability from variot - Updated: 2023-12-18 12:29Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. JUNOSe Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. An attacker can exploit this issue to cause a denial-of-service condition. Juniper E Series routers is a router device of Juniper Networks (Juniper Networks)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0044",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "junose",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "14.3.1"
},
{
"model": "junose",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "13.3.3"
},
{
"model": "junose",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "12.3.3"
},
{
"model": "junose",
"scope": "gte",
"trust": 1.0,
"vendor": "juniper",
"version": "13.3.0"
},
{
"model": "junose",
"scope": "gte",
"trust": 1.0,
"vendor": "juniper",
"version": "14.3.0"
},
{
"model": "junose",
"scope": "gte",
"trust": 1.0,
"vendor": "juniper",
"version": "12.3.0"
},
{
"model": "junose",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "10.3.3"
},
{
"model": "junose",
"scope": "gte",
"trust": 1.0,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "junose",
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "junose",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.3.3"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "14.3.1"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.3.3"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "13.3.3"
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junose",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "15.1"
},
{
"model": "junose",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.3.2"
},
{
"model": "junose 13.3.3p0-1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junose 12.3.3p0-6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junose 10.3.3p0-15",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "93533"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.3.3",
"versionStartIncluding": "13.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.3.1",
"versionStartIncluding": "14.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.3.3",
"versionStartIncluding": "12.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junose:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.3.3",
"versionStartIncluding": "10.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4925"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "93533"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4925",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4925",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-93744",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4925",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4925",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "sirt@juniper.net",
"id": "CVE-2016-4925",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-521",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-93744",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93744"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. JUNOSe Contains a data processing vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. \nAn attacker can exploit this issue to cause a denial-of-service condition. Juniper E Series routers is a router device of Juniper Networks (Juniper Networks)",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "BID",
"id": "93533"
},
{
"db": "VULHUB",
"id": "VHN-93744"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4925",
"trust": 2.8
},
{
"db": "JUNIPER",
"id": "JSA10767",
"trust": 2.0
},
{
"db": "BID",
"id": "93533",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1037012",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-521",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-93744",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93744"
},
{
"db": "BID",
"id": "93533"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"id": "VAR-201710-0044",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93744"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:29:23.504000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10767",
"trust": 0.8,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10767\u0026actp=metadata"
},
{
"title": "Juniper E Series Repair measures for router security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75557"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-19",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93744"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "NVD",
"id": "CVE-2016-4925"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/93533"
},
{
"trust": 1.7,
"url": "https://kb.juniper.net/jsa10767"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1037012"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4925"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4925"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10767\u0026cat=sirt_1\u0026actp=list"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93744"
},
{
"db": "BID",
"id": "93533"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-93744"
},
{
"db": "BID",
"id": "93533"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-93744"
},
{
"date": "2016-10-12T00:00:00",
"db": "BID",
"id": "93533"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"date": "2017-10-13T17:29:00.427000",
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-93744"
},
{
"date": "2016-10-26T11:05:00",
"db": "BID",
"id": "93533"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008837"
},
{
"date": "2019-10-09T23:18:37.830000",
"db": "NVD",
"id": "CVE-2016-4925"
},
{
"date": "2019-07-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "JUNOSe Data processing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008837"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-521"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…