CVE-2018-0014 MEDIUM

CVE-2018-0014: ScreenOS: Etherleak vulnerability found on ScreenOS device

Vendor Juniper Networks
Product ScreenOS
Published January 10, 2018
Last update September 16, 2024

CVSS base score

4.3/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.

Key dates

02Disclosure timeline

January 10, 2018 CVE published
September 16, 2024 Record updated