CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
55.5%
An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO.
Vendor | Product | Version | CPE |
---|---|---|---|
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r10:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r10-s1:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r10-s2:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r11:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r12:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r12-s1:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r12-s10:*:*:*:*:*:* |
juniper | junos | 12.3 | cpe:2.3:o:juniper:junos:12.3:r12-s11:*:*:*:*:*:* |
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
55.5%