Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-4925

Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.

Published

2017-10-13T17:29:00.427

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-19

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junose	≤ 10.3.3	Yes
Operating System	juniper	junose	≤ 12.3.3	Yes
Operating System	juniper	junose	≤ 13.3.3	Yes
Operating System	juniper	junose	≤ 14.3.1	Yes

References

http://www.securityfocus.com/bid/93533 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1037012 Third Party Advisory, VDB Entry ([email protected])
https://kb.juniper.net/JSA10767 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/93533 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1037012 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://kb.juniper.net/JSA10767 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)