CVE-2018-0005
moderate-risk
Published 2018-01-10
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7.
Do I need to act?
-
0.22% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.4/10
High
ADJACENT_NETWORK
/ LOW complexity
Affected Products (20)
Affected Vendors
References (4)
Third Party Advisory
http://www.securitytracker.com/id/1040182
Mitigation
https://kb.juniper.net/JSA10833
Third Party Advisory
http://www.securitytracker.com/id/1040182
Mitigation
https://kb.juniper.net/JSA10833
45
/ 100
moderate-risk
Severity
23/34 · High
Exploitability
1/34 · Minimal
Exposure
21/34 · High