Vulnerability CVE-2018-0014


Published: 2018-01-10   Modified: 2018-01-11

Description:
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.

Type:

CWE-200

(Information Exposure)

CVSS2 => (AV:A/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.3/10
2.9/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Juniper -> Screenos 

 References:
http://www.securitytracker.com/id/1040185
https://kb.juniper.net/JSA10841

Copyright 2022, cxsecurity.com

 

Back to Top