Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-0005

QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7.

Published

2018-01-10T22:29:01.103

Last Modified

2024-11-21T03:37:20.383

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 7.4 (HIGH)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:P/I:P/A:P

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

6.5

Impact Score

6.4

Weaknesses

Type: Primary
CWE-754

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Operating System	juniper	junos	14.1x53	Yes
Hardware	juniper	ex_rps	-	No
Hardware	juniper	ex2200	-	No
Hardware	juniper	ex2200-c	-	No
Hardware	juniper	ex2300	-	No
Hardware	juniper	ex2300-c	-	No
Hardware	juniper	ex3300	-	No
Hardware	juniper	ex3400	-	No
Hardware	juniper	ex4200	-	No
Hardware	juniper	ex4300	-	No
Hardware	juniper	ex4550	-	No
Hardware	juniper	ex4600	-	No
Hardware	juniper	ex9200	-	No
Hardware	juniper	qfx10002	-	No
Hardware	juniper	qfx10008	-	No
Hardware	juniper	qfx10016	-	No
Hardware	juniper	qfx5100	-	No
Hardware	juniper	qfx5110	-	No
Hardware	juniper	qfx5200	-	No
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Operating System	juniper	junos	15.1	Yes
Hardware	juniper	ex_rps	-	No
Hardware	juniper	ex2200	-	No
Hardware	juniper	ex2200-c	-	No
Hardware	juniper	ex2300	-	No
Hardware	juniper	ex2300-c	-	No
Hardware	juniper	ex3300	-	No
Hardware	juniper	ex3400	-	No
Hardware	juniper	ex4200	-	No
Hardware	juniper	ex4300	-	No
Hardware	juniper	ex4550	-	No
Hardware	juniper	ex4600	-	No
Hardware	juniper	ex9200	-	No
Hardware	juniper	qfx10002	-	No
Hardware	juniper	qfx10008	-	No
Hardware	juniper	qfx10016	-	No
Hardware	juniper	qfx5100	-	No
Hardware	juniper	qfx5110	-	No
Hardware	juniper	qfx5200	-	No
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Operating System	juniper	junos	15.1x53	Yes
Hardware	juniper	ex_rps	-	No
Hardware	juniper	ex2200	-	No
Hardware	juniper	ex2200-c	-	No
Hardware	juniper	ex2300	-	No
Hardware	juniper	ex2300-c	-	No
Hardware	juniper	ex3300	-	No
Hardware	juniper	ex3400	-	No
Hardware	juniper	ex4200	-	No
Hardware	juniper	ex4300	-	No
Hardware	juniper	ex4550	-	No
Hardware	juniper	ex4600	-	No
Hardware	juniper	ex9200	-	No
Hardware	juniper	qfx10002	-	No
Hardware	juniper	qfx10008	-	No
Hardware	juniper	qfx10016	-	No
Hardware	juniper	qfx5100	-	No
Hardware	juniper	qfx5110	-	No
Hardware	juniper	qfx5200	-	No

References

http://www.securitytracker.com/id/1040182 Third Party Advisory, VDB Entry ([email protected])
https://kb.juniper.net/JSA10833 Mitigation, Vendor Advisory ([email protected])
http://www.securitytracker.com/id/1040182 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://kb.juniper.net/JSA10833 Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)