CVE-2018-0005

Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic.

CVSS 7.4 HIGHEPSS 0.7%

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.4EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

10 Jan 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7.

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Affected products

Juniper Networks · Junos OS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kb.juniper.net/JSA10833 http://www.securitytracker.com/id/1040182