Improper input validation in Juniper Junos OS - CVE-2018-0016
Published: April 16, 2018 / Updated: April 17, 2018
Vulnerability identifier: #VU11839
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2018-0016
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Juniper Junos OS
Juniper Junos OS
Detailed vulnerability description
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to unspecified flaw. A remote attacker can submit specially crafted CLNP packets, cause the service to crash or execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists due to unspecified flaw. A remote attacker can submit specially crafted CLNP packets, cause the service to crash or execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
How to mitigate CVE-2018-0016
Update to versions 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5, 15.1X49-D60, 15.1X53-D66, 15.1X53-D233, 15.1X53-D471, 16.1R1 or later.