CVE-2016-1277

EPSS 0.58%
Published 09.09.2016 14:05:04
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R6, 15.1 before 15.1F6 or 15.1R3, and 15.1X49 before 15.1X49-D40, when configured with a GRE or IPIP tunnel, allow remote attackers to cause a denial of service (kernel panic) via a crafted ICMP packet.

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Updated45 Version <= 12.1x46

Juniper ≫ Junos Version12.1x47

Juniper ≫ Junos Version12.1x47 Updated10

Juniper ≫ Junos Version12.1x47 Updated15

Juniper ≫ Junos Version12.1x47 Updated20

Juniper ≫ Junos Version12.1x47 Updated25

Juniper ≫ Junos Version12.1x47 Updated30

Juniper ≫ Junos Version12.1x47 Updated35

Juniper ≫ Junos Version12.3x48 Updated10

Juniper ≫ Junos Version12.3x48 Updated15

Juniper ≫ Junos Version12.3x48 Updated25

Juniper ≫ Junos Version13.3

Juniper ≫ Junos Version13.3 Updater1

Juniper ≫ Junos Version13.3 Updater2

Juniper ≫ Junos Version13.3 Updater2-s2

Juniper ≫ Junos Version13.3 Updater3

Juniper ≫ Junos Version13.3 Updater4

Juniper ≫ Junos Version13.3 Updater5

Juniper ≫ Junos Version13.3 Updater6

Juniper ≫ Junos Version13.3 Updater7

Juniper ≫ Junos Version13.3 Updater8

Juniper ≫ Junos Version14.1

Juniper ≫ Junos Version14.1 Updater1

Juniper ≫ Junos Version14.1 Updater2

Juniper ≫ Junos Version14.1 Updater3

Juniper ≫ Junos Version14.1 Updater4

Juniper ≫ Junos Version14.1 Updater5

Juniper ≫ Junos Version14.1 Updater6

Juniper ≫ Junos Version14.1 Updater7

Juniper ≫ Junos Version14.1x53

Juniper ≫ Junos Version14.1x53 Updated10

Juniper ≫ Junos Version14.1x53 Updated15

Juniper ≫ Junos Version14.1x53 Updated16

Juniper ≫ Junos Version14.1x53 Updated25

Juniper ≫ Junos Version14.1x53 Updated26

Juniper ≫ Junos Version14.1x53 Updated27

Juniper ≫ Junos Version14.1x53 Updated30

Juniper ≫ Junos Version14.1x53 Updated35

Juniper ≫ Junos Version14.2 Updater1

Juniper ≫ Junos Version14.2 Updater2

Juniper ≫ Junos Version14.2 Updater3

Juniper ≫ Junos Version14.2 Updater4

Juniper ≫ Junos Version14.2 Updater5

Juniper ≫ Junos Version15.1 Updatef2

Juniper ≫ Junos Version15.1 Updatef3

Juniper ≫ Junos Version15.1 Updatef4

Juniper ≫ Junos Version15.1 Updatef5

Juniper ≫ Junos Version15.1 Updater1

Juniper ≫ Junos Version15.1 Updater2

Juniper ≫ Junos Version15.1 Updater3

Juniper ≫ Junos Version15.1x49 Updated10

Juniper ≫ Junos Version15.1x49 Updated20

Juniper ≫ Junos Version15.1x49 Updated35

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.58%	0.663

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10752

Vendor Advisory

Mitigation

http://www.securityfocus.com/bid/91755

http://www.securitytracker.com/id/1036306

https://nvd.nist.gov/vuln/detail/CVE-2016-1277

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-1277

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-1277

EUVD