CVE-2016-1257
Last modified
CVE-2016-1257 is a vulnerability of currently unknown severity. The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D28, 14.1X53 before 4.1X53-D35, 14.2R1 before 14.2R5, 14.2R3 before 14.2R3-S4, 14.2R4 before 14.2R4-S1, 15.1 before 15.1R3, 15.1F2 before 15.1F2-S2, and 15.1X49 before 15.1X49-D40, when LDP is enabled, allows remote attackers to cause a denial of service (RPD routing process crash) via a crafted LDP packet.. EPSS estimates a 1.54% chance of exploitation in the next 30 days.
Description
The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D28, 14.1X53 before 4.1X53-D35, 14.2R1 before 14.2R5, 14.2R3 before 14.2R3-S4, 14.2R4 before 14.2R4-S1, 15.1 before 15.1R3, 15.1F2 before 15.1F2-S2, and 15.1X49 before 15.1X49-D40, when LDP is enabled, allows remote attackers to cause a denial of service (RPD routing process crash) via a crafted LDP packet.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Juniper | Junos | 13.2 | R5 |
| Juniper | Junos | 13.3 | R1 |
| Juniper | Junos | 14.1 | R1 |
| Juniper | Junos | 14.1x51 | — |
| Juniper | Junos | 14.1x53 | — |
| Juniper | Junos | 14.2 | R1 |
| Juniper | Junos | 15.1 | — |
| Juniper | Junos | 15.1x49 | D10 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-1257?
How severe is CVE-2016-1257?
How do I fix CVE-2016-1257?
Are you affected by CVE-2016-1257?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST