Description
On Juniper Networks Junos OS 15.1 releases from 15.1R3 to 15.1R4, 16.1 prior to 16.1R3, on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured, a vulnerability in processing IPv6 ND packets originating from subscribers and destined to M/MX series routers can result in a PFE (Packet Forwarding Engine) hang or crash.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10786
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038254
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/97607
Scores
CVSS v3
5.3
EPSS
0.0041
EPSS Percentile
61.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-20
Status
published
Products (6)
juniper/junos
15.1 r3 (2 CPE variants)
juniper/junos
16.1 r1 (2 CPE variants)
Juniper Networks/Junos OS on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured
15.1 releases from 15.1R3 to 15.1R4
Juniper Networks/Junos OS on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured
16.1 prior to 16.1R3
Juniper Networks/Junos OS on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured
16.2R1 and all subsequent releases have a resolution for this vulnerability
Juniper Networks/Junos OS on M/MX platforms where Enhanced Subscriber Management for DHCPv6 subscribers is configured
All releases prior to 15.1R3 are not affected.
Published
Apr 24, 2017
Tracked Since
Feb 18, 2026