Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2018-0056

CVE information

Published

4 years ago

Last Modified

3 years ago

CVSSv2.0 Severity

Low

CVSSv3.1 Severity

Medium

Impact Analysis

Description

If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon (L2ALD) daemon might crash when attempting to delete the duplicate MAC address when the particular entry is not found in the internal MAC address table. This issue only occurs on MX Series devices with l2-backhaul VPN configured. No other products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S1 on MX Series; 16.1 versions prior to 16.1R4-S12, 16.1R6-S6 on MX Series; 16.2 versions prior to 16.2R2-S7 on MX Series; 17.1 versions prior to 17.1R2-S9 on MX Series; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6 on MX Series; 17.3 versions prior to 17.3R2-S4, 17.3R3-S1 on MX Series; 17.4 versions prior to 17.4R1-S5 on MX Series; 18.1 versions prior to 18.1R2 on MX Series..

CVSSv2.0 Score

Severity
Low
Base Score
2.9/10
Exploit Score
5.5/10
Access Vector
Adjacent_network
Access Complexity
Medium
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
Partial
Integrity Impact
None

CVSSv3.1 Score

Severity
Medium
Base Score
5.3/10
Exploit Score
1.6/10
Access Vector
Adjacent_network
Access Complexity
High
Privileges Required
None
Impact Score
3.6/10
Confidentiality Impact
None
Availability Impact
High
Integrity Impact
None
Scope
Unchanged
User Interaction
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:juniper:junos:18.1:*:*:*:*:*:*:*
  Yes
- -