ScreenOS: Etherleak vulnerability found on ScreenOS device
CVE-2018-0014

4.3MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Screenos
Vendor: CVE Published:; 10 January 2018

Badges

👾 Exploit Exists

Summary

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.

Affected Version(s)

ScreenOS all < 6.3.0r25

References

https://kb.juniper.net/JSA10841

x_refsource_CONFIRM

http://www.securitytracker.com/id/1040185

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Aug 5, 2024
Vulnerability published
Jan 10, 2018
Vulnerability Reserved
Nov 16, 2017