7.5

CVE-2017-2304

Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak'

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version14.1x53 Update-
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated10
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated15
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated16
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated25
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated26
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated27
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated30
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version14.1x53 Updated35
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1 Update-
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1 Updater1
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Update-
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated20
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated21
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated25
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated30
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated32
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated33
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated34
   JuniperEx4300 Version-
   JuniperEx4600 Version-
   JuniperQfx3500 Version-
   JuniperQfx3600 Version-
   JuniperQfx5100 Version-
   JuniperQfx5200 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.96% 0.744
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securityfocus.com/bid/95403
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037593
Third Party Advisory
VDB Entry