PT-2018-8565 · Juniper Networks · Screenos

Published

2018-01-10

·

Updated

2019-10-09

·

CVE-2018-0014

CVSS v3.1

6.5

Medium

VectorAV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Juniper Networks ScreenOS versions prior to 6.3.0r25
Description: The issue arises because Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros. As a result, some packets can contain fragments of system memory or data from previous packets.
Recommendations: For versions prior to 6.3.0r25, update to version 6.3.0r25 or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-0014

Affected Products

Screenos