CVE-2018-0014
MEDIUMJuniper ScreenOS < 6.3.0r25 - Unauthorized Memory Exposure via Unpadded Ethernet Packets
Title source: llmDescription
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10841
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1040185
Scores
CVSS v3
4.3
EPSS
0.0011
EPSS Percentile
29.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (25)
juniper/screenos
6.3.0r1
juniper/screenos
6.3.0r2
juniper/screenos
6.3.0r3
juniper/screenos
6.3.0r4
juniper/screenos
6.3.0r5
juniper/screenos
6.3.0r6
juniper/screenos
6.3.0r7
juniper/screenos
6.3.0r8
juniper/screenos
6.3.0r9
juniper/screenos
6.3.0r10
... and 15 more
Published
Jan 10, 2018
Tracked Since
Feb 18, 2026