Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-1260

Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and 15.2 before 15.2R1 on EX4300 series switches allow remote attackers to cause a denial of service (network loop and bandwidth consumption) via unspecified vectors related to Spanning Tree Protocol (STP) traffic.

Published

2016-01-15T19:59:08.400

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 5.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-399

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	15.2	Yes

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10719 Vendor Advisory ([email protected])
http://www.securitytracker.com/id/1035106 ([email protected])
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10719 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1035106 (af854a3a-2127-422b-91ae-364da2661108)