CVE-2018-0014

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.

Published: Jan 10, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-0014
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 3.3
AV:A/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
juniper / screenos	6.3.0r1	6.3.0r1.x
juniper / screenos	6.3.0r2	6.3.0r2.x
juniper / screenos	6.3.0r3	6.3.0r3.x
juniper / screenos	6.3.0r4	6.3.0r4.x
juniper / screenos	6.3.0r5	6.3.0r5.x
juniper / screenos	6.3.0r6	6.3.0r6.x
juniper / screenos	6.3.0r7	6.3.0r7.x
juniper / screenos	6.3.0r8	6.3.0r8.x
juniper / screenos	6.3.0r9	6.3.0r9.x
juniper / screenos	6.3.0r10	6.3.0r10.x
juniper / screenos	6.3.0r11	6.3.0r11.x
juniper / screenos	6.3.0r12	6.3.0r12.x
juniper / screenos	6.3.0r13	6.3.0r13.x
juniper / screenos	6.3.0r14	6.3.0r14.x
juniper / screenos	6.3.0r15	6.3.0r15.x
juniper / screenos	6.3.0r16	6.3.0r16.x
juniper / screenos	6.3.0r17	6.3.0r17.x
juniper / screenos	6.3.0r18	6.3.0r18.x
juniper / screenos	6.3.0r19	6.3.0r19.x
juniper / screenos	6.3.0r20	6.3.0r20.x
juniper / screenos	6.3.0r21	6.3.0r21.x
juniper / screenos	6.3.0r22	6.3.0r22.x
juniper / screenos	6.3.0r23	6.3.0r23.x
juniper / screenos	6.3.0r24	6.3.0r24.x
juniper / screenos	6.3.0r25	6.3.0r25.x

Vulnerability Database

290,020

CVE-2018-0014