CVE-2018-0014

ScreenOS: Etherleak vulnerability found on ScreenOS device

CVSS 4.3 MEDIUMEPSS 0.6%

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 4.3EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

10 Jan 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Juniper Networks · ScreenOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kb.juniper.net/JSA10841 http://www.securitytracker.com/id/1040185