cvelistv5 - CVE-2016-1262

CVE-2016-1262 (GCVE-0-2016-1262)

Vulnerability from cvelistv5

Published

2016-01-15 19:00

Modified

2024-08-05 22:48

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

ghsa-fc7g-9852-m869

Vulnerability from github

Published

2022-05-17 03:32

Modified

2022-05-17 03:32

Severity ?

5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1262"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-01-15T19:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet.",
  "id": "GHSA-fc7g-9852-m869",
  "modified": "2022-05-17T03:32:13Z",
  "published": "2022-05-17T03:32:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1262"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1035108"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2016-AVI-020

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Elles permettent à un attaquant de provoquer un déni de service à distance.

Contournement provisoire

En premier lieu, Le CERT-FR recommande comme toujours de mettre vos matériels et logiciels à jour. Si cela n'est pas possible, Juniper propose pour chacune des vulnérabilités, mentionnées ici, un moyen de mitiger les éventuelles attaques.

None

Impacted products

	Vendor	Product	Description
	Juniper Networks	Junos OS	Juniper Junos OS
	N/A	N/A	Juniper EX4300

References

Title

Publication Time

cnvd-2016-00387

Vulnerability from cnvd

Title

Juniper Junos OS拒绝服务漏洞

Description

Juniper Networks是网络通讯设备公司，主要供应IP网络及资讯安全解决方案。 Juniper Junos OS 启用了RTSP ALG后，处理某些构造的RTSP数据包时会造成进程崩溃,导致拒绝服务（flowd崩溃）。

Severity

高

Patch Name

Juniper Junos OS拒绝服务漏洞（CNVD-2016-00387）的补丁

Patch Description

Juniper Networks是网络通讯设备公司，主要供应IP网络及资讯安全解决方案。 Juniper Junos OS 启用了RTSP ALG后，处理某些构造的RTSP数据包时会造成进程崩溃,导致拒绝服务（flowd崩溃）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10721&actp=search

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1262

Impacted products

Name
['Juniper Networks Junos OS <12.1X46-D45', 'Juniper Networks Junos OS 12.1X47(<12.1X47-D30)', 'Juniper Networks Junos OS 12.1X48(<12.3X48-D20)', 'Juniper Networks Junos OS 15.1X49(<15.1X49-D30)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1262"
    }
  },
  "description": "Juniper Networks\u662f\u7f51\u7edc\u901a\u8baf\u8bbe\u5907\u516c\u53f8\uff0c\u4e3b\u8981\u4f9b\u5e94IP\u7f51\u7edc\u53ca\u8d44\u8baf\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nJuniper Junos OS \u542f\u7528\u4e86RTSP ALG\u540e\uff0c\u5904\u7406\u67d0\u4e9b\u6784\u9020\u7684RTSP\u6570\u636e\u5305\u65f6\u4f1a\u9020\u6210\u8fdb\u7a0b\u5d29\u6e83,\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08flowd\u5d29\u6e83\uff09\u3002",
  "discovererName": "unknown",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721\u0026actp=search",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00387",
  "openTime": "2016-01-21",
  "patchDescription": "Juniper Networks\u662f\u7f51\u7edc\u901a\u8baf\u8bbe\u5907\u516c\u53f8\uff0c\u4e3b\u8981\u4f9b\u5e94IP\u7f51\u7edc\u53ca\u8d44\u8baf\u5b89\u5168\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nJuniper Junos OS \u542f\u7528\u4e86RTSP ALG\u540e\uff0c\u5904\u7406\u67d0\u4e9b\u6784\u9020\u7684RTSP\u6570\u636e\u5305\u65f6\u4f1a\u9020\u6210\u8fdb\u7a0b\u5d29\u6e83,\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08flowd\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Junos OS\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-00387\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Juniper Networks Junos OS \u003c12.1X46-D45",
      "Juniper Networks Junos OS 12.1X47(\u003c12.1X47-D30)",
      "Juniper Networks Junos OS 12.1X48(\u003c12.3X48-D20)",
      "Juniper Networks Junos OS 15.1X49(\u003c15.1X49-D30)"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1262",
  "serverity": "\u9ad8",
  "submitTime": "2016-01-18",
  "title": "Juniper Junos OS\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

fkie_cve-2016-1262

Vulnerability from fkie_nvd

Published

2016-01-15 19:59

Modified

2025-04-12 10:46

Severity ?

5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10721	Vendor Advisory
cve@mitre.org	http://www.securitytracker.com/id/1035108
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10721	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035108

Impacted products

Vendor	Product	Version
juniper	junos	*
juniper	junos	12.1x47
juniper	junos	12.1x47
juniper	junos	12.1x47
juniper	junos	12.1x47
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	15.1x49
juniper	junos	15.1x49

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:d40:*:*:*:*:*:*",
              "matchCriteriaId": "4711A29F-326C-44CF-B079-FFA2E5C0B2C3",
              "versionEndIncluding": "12.1x46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB3DE56-1B04-4A53-B4A4-93286FC98463",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*",
              "matchCriteriaId": "181C0D30-4476-48EE-A4A4-3B2461F4AC20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*",
              "matchCriteriaId": "63F559A2-2744-4771-9420-C70AA87496A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x47:d20:*:*:*:*:*:*",
              "matchCriteriaId": "040A6307-236E-4FAA-9A74-676F1DB0CF17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
              "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
              "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet."
    },
    {
      "lang": "es",
      "value": "Juniper Junos OS en versiones anteriores a 12.1X46-D45, 12.1X47 en versiones anteriores a 12.1X47-D30, 12.1X48 en versiones anteriores a 12.3X48-D20 y 15.1X49 en versiones anteriores a 15.1X49-D30 en dispositivos de las series SRX, cuando el Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) est\u00e1 habilitado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de flowd) a trav\u00e9s de un paquete RTSP manipulado."
    }
  ],
  "id": "CVE-2016-1262",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-15T19:59:09.273",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1035108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035108"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2016-1262

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-1262

Aliases

CVE-2016-1262

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1262",
    "description": "Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet.",
    "id": "GSD-2016-1262"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1262"
      ],
      "details": "Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet.",
      "id": "GSD-2016-1262",
      "modified": "2023-12-13T01:21:24.150801Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-1262",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721"
          },
          {
            "name": "1035108",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1035108"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:d10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:*:d40:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "12.1x46",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:d20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:d15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-1262"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721"
            },
            {
              "name": "1035108",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1035108"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM"
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-12-03T03:20Z",
      "publishedDate": "2016-01-15T19:59Z"
    }
  }
}

var-201601-0049

Vulnerability from variot

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet. Juniper Junos is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Juniper Networks Junos on SRX Series devices is a set of network operating systems of Juniper Networks (Juniper Networks) running on SRX series service gateway devices. The operating system provides a secure programming interface and Junos SDK. A security vulnerability exists in Juniper Networks Junos OS on SRX Series devices. The following versions are affected: Juniper Networks Junos OS prior to 12.1X44-D60, 12.1X46 prior to 12.1X46-D45, 12.1X47 prior to 12.1X47-D30, 12.3 prior to 12.3R10, 12.3X48 prior to 12.3X48-D20, 13.2 Version 13.2X51 before X51-D20, version 13.3 before 13.3R8, version 14.1 before 14.1R6, version 14.2 before 14.2R5

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201601-0049",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "12.3x48"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "12.1x47"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "15.1x49"
      },
      {
        "model": "junos",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "12.1x46"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x48"
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x47-d30"
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "15.1x49-d30"
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.3x48-d20"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x47"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "15.1x49"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "12.1x46"
      },
      {
        "model": "junos os 15.1x49-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.3x48-d15",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.3x48-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.1x47-d20",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.1x47-d15",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.1x47-d11",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.1x47-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 15.1x49-d30",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.3x48-d20",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os 12.1x47-d30",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "80756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:juniper:junos",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "80756"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-1262",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2016-1262",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-90081",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.2,
            "id": "CVE-2016-1262",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-1262",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-1262",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201601-340",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90081",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90081"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet. Juniper Junos is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. Juniper Networks Junos on SRX Series devices is a set of network operating systems of Juniper Networks (Juniper Networks) running on SRX series service gateway devices. The operating system provides a secure programming interface and Junos SDK. A security vulnerability exists in Juniper Networks Junos OS on SRX Series devices. The following versions are affected: Juniper Networks Junos OS prior to 12.1X44-D60, 12.1X46 prior to 12.1X46-D45, 12.1X47 prior to 12.1X47-D30, 12.3 prior to 12.3R10, 12.3X48 prior to 12.3X48-D20, 13.2 Version 13.2X51 before X51-D20, version 13.3 before 13.3R8, version 14.1 before 14.1R6, version 14.2 before 14.2R5",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1262"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "BID",
        "id": "80756"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90081"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1262",
        "trust": 2.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA10721",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1035108",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "80756",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-90081",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90081"
      },
      {
        "db": "BID",
        "id": "80756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "id": "VAR-201601-0049",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90081"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:38:46.192000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10721",
        "trust": 0.8,
        "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10721"
      },
      {
        "title": "Juniper Networks Junos OS Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59658"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90081"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10721"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1035108"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1262"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1262"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net"
      },
      {
        "trust": 0.3,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10721\u0026actp=rss"
      },
      {
        "trust": 0.1,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10721"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90081"
      },
      {
        "db": "BID",
        "id": "80756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-90081"
      },
      {
        "db": "BID",
        "id": "80756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-01-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90081"
      },
      {
        "date": "2016-01-13T00:00:00",
        "db": "BID",
        "id": "80756"
      },
      {
        "date": "2016-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "date": "2016-01-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      },
      {
        "date": "2016-01-15T19:59:09.273000",
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-12-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90081"
      },
      {
        "date": "2016-01-13T00:00:00",
        "db": "BID",
        "id": "80756"
      },
      {
        "date": "2016-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      },
      {
        "date": "2016-01-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      },
      {
        "date": "2024-11-21T02:46:03.727000",
        "db": "NVD",
        "id": "CVE-2016-1262"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper SRX Runs on series devices  Junos OS Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001295"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-340"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2016-1262 (GCVE-0-2016-1262)

Vulnerability from cvelistv5

ghsa-fc7g-9852-m869

Vulnerability from github

CERTFR-2016-AVI-020

Vulnerability from certfr_avis

Contournement provisoire

cnvd-2016-00387

Vulnerability from cnvd

fkie_cve-2016-1262

Vulnerability from fkie_nvd

gsd-2016-1262

Vulnerability from gsd

var-201601-0049

Vulnerability from variot

Tags

Sightings

Nomenclature