Vulnerabilities > CVE-2015-5360 - Resource Management Errors vulnerability in Juniper Junos
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before 12.1X46-D36, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.2 before 14.2R3, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D20, when the "set protocols neighbor-discovery secure security-level default" option is configured, allows remote attackers to cause a denial of service (CPU consumption) via a crafted Secure Neighbor Discovery (SEND) Protocol packet.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 57 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Junos Local Security Checks |
| NASL id | JUNIPER_JSA10688.NASL |
| description | According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability in sendd due to improper handling of IPv6 Secure Neighbor Discovery (SEND) Protocol packets when the Secure Neighbor Discovery feature is configured. A remote attacker, using a crafted SEND packet, can exploit this to cause excessive consumption of CPU resources, resulting in an impact on CLI responsiveness and the processing of IPv6 packets via link-local addresses. |
| last seen | 2019-10-28 |
| modified | 2015-08-04 |
| plugin id | 85228 |
| published | 2015-08-04 |
| reporter | This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/85228 |
| title | Juniper Junos IPv6 sendd DoS (JSA10688) |