admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Juniper-2021-10-13 CVE publications

Browse Source
This commit is contained in:
cu-jnpr 2021-10-19 18:05:14 +02:00
parent c8155fd059
commit 377ebed41d
42 changed files with 7013 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
2021/0xxx/CVE-2021-0296.json
View File

@ -1,18 +1,115 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-0296",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "CTPView: HSTS not being enforced on CTPView server."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CTPView",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7.3",
"version_value": "7.3R7"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header which allows servers to indicate that content from the requested domain will only be served over HTTPS. The lack of HSTS may leave the system vulnerable to downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.\n\nThis issue affects Juniper Networks CTPView:\n7.3 versions prior to 7.3R7;\n9.1 versions prior to 9.1R3."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319 Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11210",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11210"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: CTPView 7.3R7-1, 9.1R3, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11210",
"defect": [
"1544758"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the system via HTTP only from trusted, administrative networks or hosts."
}
]
}

115
2021/0xxx/CVE-2021-0297.json
View File

@ -1,18 +1,119 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-0297",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: BGP and LDP sessions with TCP MD5 authentication established with peers not configured for authentication"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.3R2-S1-EVO"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-EVO"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. This could lead to untrusted or unauthorized sessions being established, resulting in an impact on confidentiality or stability of the network.\n\nThis issue affects Juniper Networks Junos OS Evolved:\nAll versions prior to 20.3R2-S1-EVO;\n20.4 versions prior to 20.4R2-EVO;\n21.1 versions prior to 21.1R2-EVO.\n\nJuniper Networks Junos OS is not affected by this issue.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11211",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11211"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.3R2-S1-EVO, 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11211",
"defect": [
"1569843"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no known workarounds for this issue."
}
]
}

114
2021/0xxx/CVE-2021-0298.json
View File

@ -1,18 +1,118 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-0298",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: PTX10003, PTX10008: picd core while executing the \"show chassis pic\" command under certain conditions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"platform": "PTX10003, PTX10008",
"version_affected": "<",
"version_value": "20.1R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command is executed coincident with other system events outside the attacker's control, leading to a Denial of Service (DoS) condition. Continued execution of the CLI command, under precise conditions, could create a sustained Denial of Service (DoS) condition.\n\nThis issue affects all Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO on PTX10003 and PTX10008 platforms.\n\nJunos OS is not affected by this vulnerability.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11212",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11212"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.1R2-EVO, 20.2R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11212",
"defect": [
"1497285"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the router via CLI only from trusted hosts and from trusted administrators."
}
]
}

128
2021/0xxx/CVE-2021-0299.json
View File

@ -1,18 +1,132 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-0299",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R1-S1, 20.2R2"
},
{
"version_affected": "!<",
"version_value": "19.4R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS).\n\nContinued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue only affects systems with IPv6 configured. Devices with only IPv4 configured are not vulnerable to this issue.\n\nThis issue affects Juniper Networks Junos OS:\n19.4 versions prior to 19.4R3;\n20.1 versions prior to 20.1R2;\n20.2 versions prior to 20.2R1-S1, 20.2R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 19.4R1."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11213",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11213"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 19.4R3, 20.1R2, 20.2R1-S1, 20.2R2, 20.3R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11213",
"defect": [
"1515835"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

110
2021/31xxx/CVE-2021-31349.json
View File

@ -1,18 +1,114 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31349",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Session Smart Router: Authentication Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "128 Technology Session Smart Router",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.5.11"
},
{
"version_affected": "<=",
"version_name": "5.0",
"version_value": "5.0.1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "128 Technology was notified via the JVN community of the vulnerability as JVN#85073657. "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code.\n\nThis issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1."
}
]
}
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11256",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11256"
}
]
},
"solution": [
{
"lang": "eng",
"value": "128 Technology has released software updates that address the vulnerability described in this advisory. \n\nFixed Releases:\nThe following 128T software patches have been released to resolve this specific issue: 4.5.11, 5.1.0, and all subsequent releases.\nCustomers who are running 5.0.0 or 5.0.1 should upgrade to 5.1.6 or later.\n\nInstructions for upgrading the 128T Networking Platform can be found at https://docs.128technology.com/docs/intro_upgrading ."
}
],
"source": {
"advisory": "JSA11256",
"defect": [
"I95-41227"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "While no workarounds exist for this vulnerability, risk exposure can be mitigated. HTTP access to the SSR occurs on TCP port 443. It is recommended to install firewall rules to permit access only from trusted IP addresses."
}
]
}

172
2021/31xxx/CVE-2021-31350.json
View File

@ -1,18 +1,176 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31350",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S8, 18.4R3-S8"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R2-S3, 19.1R3-S5"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S2"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R2-S3, 20.2R3"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2"
},
{
"version_affected": "!<",
"version_value": "18.4R1"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.4R2-EVO"
},
{
"version_affected": "<",
"version_name": "21.1-EVO",
"version_value": "21.1R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following is an example of enabling gRPC in Junos:\n\n set system services extension-service request-response grpc ssl\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system.\n\nThe issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root.\n\nThis issue affects Juniper Networks Junos OS:\n18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R2-S3, 19.1R3-S5;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R2-S3, 20.2R3;\n20.3 versions prior to 20.3R2-S1, 20.3R3;\n20.4 versions prior to 20.4R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 18.4R1.\n\nJuniper Networks Junos OS Evolved:\nAll versions prior to 20.4R2-EVO;\n21.1-EVO versions prior to 21.1R2-EVO.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11215",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11215"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R1-S8, 18.4R2-S8, 18.4R3-S8, 19.1R2-S3, 19.1R3-S5, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11215",
"defect": [
"1578302"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device via gRPC only from trusted hosts and from trusted administrators\n"
}
]
}

234
2021/31xxx/CVE-2021-31351.json
View File

@ -1,18 +1,238 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31351",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!<",
"version_value": "15.1"
},
{
"version_affected": "!<",
"version_name": "17.3",
"version_value": "17.3R3-S11"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_value": "17.3R3-S11"
},
{
"platform": "MX Series",
"version_affected": ">=",
"version_name": "17.4",
"version_value": "17.4R2-S13"
},
{
"version_affected": "!>=",
"version_name": "17.4",
"version_value": "17.4R3"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_value": "18.1R3-S12"
},
{
"platform": "MX Series",
"version_affected": ">=",
"version_name": "18.2",
"version_value": "18.2R2-S8, 18.2R3-S7"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_value": "18.3R3-S4"
},
{
"platform": "MX Series",
"version_affected": ">=",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S7"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "18.4",
"version_value": "18.4R3-S7"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.1",
"version_value": "19.1R3-S4, 19.1R3-S5"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.2",
"version_value": "19.2R1-S6"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.3",
"version_value": "19.3R3-S2"
},
{
"platform": "MX Series",
"version_affected": ">=",
"version_name": "19.4",
"version_value": "19.4R2-S4"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "19.4",
"version_value": "19.4R3-S2"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "20.1",
"version_value": "20.1R2-S1"
},
{
"platform": "MX Series",
"version_affected": ">=",
"version_name": "20.2",
"version_value": "20.2R2-S2"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "20.2",
"version_value": "20.2R3"
},
{
"platform": "MX Series",
"version_affected": ">=",
"version_name": "20.3",
"version_value": "20.3R1-S2"
},
{
"platform": "MX Series",
"version_affected": "=",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS).\n\nContinued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue only affects specific versions of Juniper Networks Junos OS on MX Series:\n17.3R3-S11;\n17.4R2-S13;\n17.4R3 prior to 17.4R3-S5;\n18.1R3-S12;\n18.2R2-S8, 18.2R3-S7, 18.2R3-S8;\n18.3R3-S4;\n18.4R3-S7;\n19.1R3-S4, 19.1R3-S5;\n19.2R1-S6;\n19.3R3-S2;\n19.4R2-S4, 19.4R2-S5;\n19.4R3-S2;\n20.1R2-S1;\n20.2R2-S2, 20.2R2-S3, 20.2R3;\n20.3R2, 20.3R2-S1;\n20.4R1, 20.4R1-S1, 20.4R2;\n21.1R1;\n\nThis issue does not affect any version of Juniper Networks Junos OS prior to 15.1X49-D240;\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11216",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11216"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.3R3-S5, 18.4R3-S8, 19.1R3-S6, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n\nNote: Only those releases listed in the PROBLEM section above are affected. This fix has also been proactively committed into other releases that are not vulnerable to this issue."
}
],
"source": {
"advisory": "JSA11216",
"defect": [
"1577814"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

111
2021/31xxx/CVE-2021-31352.json
View File

@ -1,18 +1,115 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31352",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "SRC Series: NETCONF over SSH allows negotiation of weak ciphers"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SRC Series",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.13.0-R6"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "A sample configuration of NETCONF over SSH is shown below:\n\n netconf {\n ssh {\n port 830;\n }\n }\n "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit this vulnerability to display plaintext bits from a block of ciphertext and obtain sensitive information.\n\nThis issue affects all Juniper Networks SRC Series versions prior to 4.13.0-R6."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11217",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11217"
}
]
},
"solution": [
{
"lang": "eng",
"value": "A hotfix has been created to resolve this issue. Contact Juniper Networks Technical Support to request the hotfix.\n\nWeak ciphers are now disabled by default. Only the following ciphers and key-exchange (KEX) algorithms are now enabled by default:\n\n• Ciphers: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\n• KEX Algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1\n\nNote: After upgrading to a fixed release, any manually configured weak ciphers or KEX algorithms for NETCONF will be retained. Administrators should reset their cipher configuration by typing:\n root@src# delete system services netconf ssh\n root@src# commit\n Stopping NETCONF/SSH:\n commit complete.\n\n root@src# set system services netconf ssh\n"
}
],
"source": {
"advisory": "JSA11217",
"defect": [
"1568322"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

180
2021/31xxx/CVE-2021-31353.json
View File

@ -1,18 +1,184 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31353",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!<",
"version_value": "19.3R3-S2"
},
{
"version_affected": "=",
"version_value": "19.3R3-S2"
},
{
"version_affected": "=",
"version_value": "19.4R3-S3"
},
{
"version_affected": "!>=",
"version_name": "20.1",
"version_value": "20.1R1"
},
{
"version_affected": "!<",
"version_name": "20.2",
"version_value": "20.2R2-S3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "!<",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "!<",
"version_name": "20.4",
"version_value": "20.4R2"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.4R2-S3-EVO, 20.4R3-EVO"
},
{
"version_affected": "<",
"version_name": "21.1-EVO",
"version_value": "21.1R2-EVO"
},
{
"version_affected": "<",
"version_name": "21.2-EVO",
"version_value": "21.2R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "This issue can occur when multipath is enabled:\n\n routing-instance <vrf> routing-options multipath\n\nand one of the following two TTL propagation options (but not both) are enabled:\n\n protocols mpls no-propagate-ttl\n routing-instance <vrf> no-vrf-propagate-ttl\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS).\n\nContinued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects very specific versions of Juniper Networks Junos OS:\n19.3R3-S2;\n19.4R3-S3;\n20.2 versions 20.2R2-S3 and later, prior to 20.2R3-S2;\n20.3 versions 20.3R2 and later, prior to 20.3R3;\n20.4 versions 20.4R2 and later, prior to 20.4R3;\n21.1 versions prior to 21.1R2.\n\nJuniper Networks Junos OS 20.1 is not affected by this issue.\n\nThis issue also affects Juniper Networks Junos OS Evolved:\nAll versions prior to 20.4R2-S3-EVO, 20.4R3-EVO;\n21.1-EVO versions prior to 21.1R2-EVO;\n21.2-EVO versions prior to 21.2R2-EVO.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11218",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11218"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R2-S9, 19.1R3-S7, 19.3R3-S3, 19.4R1-S4, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.3R3, 20.4R3, 21.1R2, 21.2R1, 21.2R2, 21.3R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-S3-EVO, 20.4R3-EVO, 21.1R2-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases.\n\nNote: Only those releases listed in the PROBLEM section above are affected. This fix has also been proactively committed into other releases that are not vulnerable to this issue."
}
],
"source": {
"advisory": "JSA11218",
"defect": [
"1595165"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "This issue can be mitigated in two ways:\n\n1) ensure that TTL propagation is either enabled or disabled in both places below:\n protocols mpls no-propagate-ttl\n routing-instance <vrf> no-vrf-propagate-ttl\n\n2) Disable multipath:\n routing-instance <vrf> routing-options multipath \n"
}
]
}

175
2021/31xxx/CVE-2021-31354.json
View File

@ -1,18 +1,179 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31354",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!<",
"version_value": "19.2R1"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R3-S3"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_value": "20.1R1-EVO"
},
{
"version_affected": "<",
"version_value": "21.2R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "Systems vulnerable to this issue will have the Junos License Client set to Network Mode as follows:\n\n [system license network-mode]\n"
}
],
"credit": [
{
"lang": "eng",
"value": "Juniper SIRT would like to acknowledge and thank The UK's National Cyber Security Centre (NCSC) for responsibly reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL License Manager, or with access to the local broadcast domain, may be able to spoof a new JAL License Manager and/or craft a response to the Junos OS License Client, leading to exploitation of this vulnerability.\n\nThis issue only affects Junos systems configured in Network Mode. Systems that are configured in Standalone Mode (the default mode of operation for all systems) are not vulnerable to this issue.\n\nThis issue affects:\n\nJuniper Networks Junos OS:\n19.2 versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2.\n\nJuniper Networks Junos OS Evolved:\nversion 20.1R1-EVO and later versions, prior to 21.2R2-EVO.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 19.2R1.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11219",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11219"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS 19.3R3-S3, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases.\nJunos OS Evolved 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11219",
"defect": [
"1582419"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Disable Network Mode and configure the Junos License Client to use Standalone Mode:\n\n user@junos# set system license standalone-mode\n"
}
]
}

178
2021/31xxx/CVE-2021-31355.json
View File

@ -1,18 +1,182 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31355",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "12.3X48",
"version_value": "12.3X48-D105"
},
{
"version_affected": "<",
"version_name": "15.1X49",
"version_value": "15.1X49-D220"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S7"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R3-S4"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S6"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R1-S1, 20.2R2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "A sample configuration for Captive Portal is shown below:\n\n [system services web-management http ]\n [set system services web-management https]\n [services captive-portal secure-authentication https]\n"
}
],
"credit": [
{
"lang": "eng",
"value": "Juniper SIRT would like to acknowledge and thank Fans0n Fan for responsibly reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device.\n\nThis issue affects Juniper Networks Junos OS:\nAll versions, including the following supported releases:\n12.3X48 versions prior to 12.3X48-D105;\n15.1X49 versions prior to 15.1X49-D220;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S7;\n19.2 versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R3-S4;\n19.4 versions prior to 19.4R3-S6;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R1-S1, 20.2R2;\n20.3 versions prior to 20.3R2;\n20.4 versions prior to 20.4R2;\n21.1 versions prior to 21.1R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11220",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11220"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 12.3X48-D105, 15.1X49-D220, 18.3R3-S5, 18.4R3-S9, 19.1R3-S7, 19.2R3-S3, 19.3R3-S4, 19.4R3-S6, 20.1R3, 20.2R1-S1, 20.2R2, 20.3R2, 20.4R2, 21.1R2, 21.2R1 and all subsequent releases.\n\nAdditionally, after performing an upgrade to a resolved release, additional steps must be taken to ensure that all stored malicious scripts are removed from the configuration."
}
],
"source": {
"advisory": "JSA11220",
"defect": [
"1449280"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

115
2021/31xxx/CVE-2021-31356.json
View File

@ -1,18 +1,119 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31356",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: Multiple shell-injection vulnerabilities in EVO UI wrapper scripts"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.4R3-S1-EVO"
},
{
"version_affected": ">=",
"version_name": "21.1",
"version_value": "21.1R1-EVO"
},
{
"version_affected": ">=",
"version_name": "21.2",
"version_value": "21.2R1-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user.\n\nThe vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a user that is in the super-user login class, but restricted to executing specific CLI commands could exploit the vulnerability to execute any other command available to an unrestricted admin user. This vulnerability does not increase the privilege level of the user, but rather bypasses any CLI command restrictions by allowing full access to the shell.\n\nThis issue affects Juniper Networks Junos OS Evolved:\nAll versions prior to 20.4R3-S1-EVO;\nAll versions of 21.1-EVO and 21.2-EVO.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11221",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11221"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R3-S1-EVO*, 21.3R1-EVO, and all subsequent releases.\n\n*Late availability"
}
],
"source": {
"advisory": "JSA11221",
"defect": [
"1594651"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device via CLI only from trusted hosts and from trusted administrators.\n"
}
]
}

120
2021/31xxx/CVE-2021-31357.json
View File

@ -1,18 +1,124 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31357",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: shell-injection vulnerabilities in evo_tcpdump UI wrapper script"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.3R2-S1-EVO"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S2-EVO"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2-EVO"
},
{
"version_affected": "<",
"version_name": "21.2",
"version_value": "21.2R1-S1-EVO, 21.2R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user.\n\nThe vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a user that is in the super-user login class, but restricted to executing specific CLI commands could exploit the vulnerability to execute any other command available to an unrestricted admin user. This vulnerability does not increase the privilege level of the user, but rather bypasses any CLI command restrictions by allowing full access to the shell.\n\nThis issue affects Juniper Networks Junos OS Evolved:\nAll versions prior to 20.3R2-S1-EVO;\n20.4 versions prior to 20.4R2-S2-EVO;\n21.1 versions prior to 21.1R2-EVO;\n21.2 versions prior to 21.2R1-S1-EVO, 21.2R2-EVO.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11221",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11221"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.3R2-S1-EVO, 20.4R2-S2-EVO, 21.1R2-EVO, 21.2R1-S1-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11221",
"defect": [
"1596122"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device via CLI only from trusted hosts and from trusted administrators.\n\nLimit access to the 'monitor traffic' command to authorized administrators."
}
]
}

115
2021/31xxx/CVE-2021-31358.json
View File

@ -1,18 +1,119 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31358",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: shell-injection vulnerabilities in evo_sftp UI wrapper script"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.4R2-S2-EVO"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2-EVO"
},
{
"version_affected": "<",
"version_name": "21.2",
"version_value": "21.2R1-S1-EVO, 21.2R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user.\n\nThe vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a user that is in the super-user login class, but restricted to executing specific CLI commands could exploit the vulnerability to execute any other command available to an unrestricted admin user. This vulnerability does not increase the privilege level of the user, but rather bypasses any CLI command restrictions by allowing full access to the shell.\n\nThis issue affects Juniper Networks Junos OS Evolved:\nAll versions prior to 20.4R2-S2-EVO;\n21.1 versions prior to 21.1R2-EVO;\n21.2 versions prior to 21.2R1-S1-EVO, 21.2R2-EVO."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11221",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11221"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R2-S2-EVO, 21.1R2-EVO, 21.2R1-S1-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11221",
"defect": [
"1596123"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device via CLI only from trusted hosts and from trusted administrators.\n\nLimit access to the 'file copy' command to authorized administrators."
}
]
}

204
2021/31xxx/CVE-2021-31359.json
View File

@ -1,18 +1,208 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31359",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S10"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R3-S5"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S6"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.4R2-S3-EVO"
},
{
"version_affected": ">=",
"version_name": "21.1",
"version_value": "21.1R1-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Juniper SIRT would like to acknowledge and thank awxylitol for responsibly reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root.\n\nContinued processing of malicious input will repeatedly crash the system and sustain the Denial of Service (DoS) condition.\n\nThis issue affects:\n\nJuniper Networks Junos OS:\nAll versions, including the following supported releases:\n15.1 versions prior to 15.1R7-S10;\n17.4 versions prior to 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S6;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2.\n\nJuniper Networks Junos OS Evolved:\nAll versions prior to 20.4R2-S3-EVO;\nAll versions of 21.1-EVO.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11222",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11222"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 15.1R7-S10, 17.4R3-S5, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R3-S6, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.1R3, 21.2R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-S3-EVO, 21.2R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11222",
"defect": [
"1568654"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device via CLI only from trusted hosts and from trusted administrators."
}
]
}

204
2021/31xxx/CVE-2021-31360.json
View File

@ -1,18 +1,208 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31360",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: Denial of Service vulnerability in local file processing"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S10"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R3-S5"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S6"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.4R2-S3-EVO"
},
{
"version_affected": ">=",
"version_name": "21.1",
"version_value": "21.1R1-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Juniper SIRT would like to acknowledge and thank awxylitol for responsibly reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a sustained Denial of Service (DoS) condition, requiring manual user intervention to recover.\n\nThis issue affects:\n\nJuniper Networks Junos OS:\nAll versions, including the following supported releases:\n15.1 versions prior to 15.1R7-S10;\n17.4 versions prior to 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S6;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2.\n\nJuniper Networks Junos OS Evolved:\nAll versions prior to 20.4R2-S3-EVO;\nAll versions of 21.1-EVO.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11222",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11222"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 15.1R7-S10, 17.4R3-S5, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R3-S6, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.1R3, 21.2R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-S3-EVO, 21.2R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11222",
"defect": [
"1568654"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device via CLI only from trusted hosts and from trusted administrators."
}
]
}

267
2021/31xxx/CVE-2021-31361.json
View File

@ -1,18 +1,271 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31361",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: QFX Series and PTX Series: FPC resource usage increases when certain packets are processed which are being VXLAN encapsulated"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": " QFX Series",
"version_affected": "<",
"version_value": "17.3R3-S11"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R2-S13, 17.4R3-S4"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S12"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R2-S8, 18.2R3-S7"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S4"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R1-S6, 19.1R2-S2, 19.1R3-S4"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S6, 19.2R3-S2"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R3-S1"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R2-S3, 19.4R3-S1"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2, 20.1R3"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R2, 20.2R3"
},
{
"platform": " QFX Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R1-S1, 20.3R2"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "PTX Series",
"version_affected": "<",
"version_value": "18.4R3-S9"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S5"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S1"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "An minimal example VXLAN configuration affected would be:\n\n set bridge-domains vlan-20 vxlan vni 10\n set bridge-domains vlan-20 vlan-id 10\n set bridge-domains vlan-20 interface xe-1/0/1.0\n set interfaces xe-1/0/1 vlan-tagging\n set interfaces xe-1/0/1 encapsulation flexible-ethernet-services\n set interfaces xe-1/0/1 unit 0 encapsulation vlan-bridge\n set interfaces xe-1/0/1 unit 0 vlan-id 10"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP packets which are being VXLAN encapsulated leading to a partial Denial of Service (DoS).\nContinued receipted of these specific traffic will create a sustained Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS on QFX Series:\nAll versions prior to 17.3R3-S11;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S4;\n18.1 versions prior to 18.1R3-S12;\n18.2 versions prior to 18.2R2-S8, 18.2R3-S7;\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7;\n19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4;\n19.2 versions prior to 19.2R1-S6, 19.2R3-S2;\n19.3 versions prior to 19.3R3-S1;\n19.4 versions prior to 19.4R2-S3, 19.4R3-S1;\n20.1 versions prior to 20.1R2, 20.1R3;\n20.2 versions prior to 20.2R2, 20.2R3;\n20.3 versions prior to 20.3R1-S1, 20.3R2.\n\nJuniper Networks Junos OS on PTX Series:\nAll versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3-S1;\n20.3 versions prior to 20.3R2-S1, 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11223",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11223"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue for QFX Series: 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R1-S6, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S3, 19.4R3-S1, 20.1R2, 20.1R3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases.\n\nThe following software releases have been updated to resolve this specific issue for PTX Series: 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R3-S5, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11223",
"defect": [
"1490063",
"1584197"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

185
2021/31xxx/CVE-2021-31362.json
View File

@ -1,18 +1,189 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31362",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "18.2R3-S8"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S7"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S3"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.4R2-EVO"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": " [ protocols isis interface ]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Protection Mechanism Failure vulnerability in RPD (routing protocol daemon) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause established IS-IS adjacencies to go down by sending a spoofed hello PDU leading to a Denial of Service (DoS) condition.\n\nContinued receipted of these spoofed PDUs will create a sustained Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS\nAll versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S7;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2.\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.4R2-EVO;\n21.1 versions prior to 21.1R2-EVO."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-693 Protection Mechanism Failure"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11224",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11224"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue in JUNOS OS: 18.2R3-S8, 18.3R3-S5, 18.4R3-S9, 19.1R3-S7, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S2, 19.4R3-S3, 20.1R3, 20.2R3, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\nThe following software releases have been updated to resolve this specific issue in JUNOS OS Evolved: 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11224",
"defect": [
"1556575"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

170
2021/31xxx/CVE-2021-31363.json
View File

@ -1,18 +1,174 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31363",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: Receipt of a specific LDP message will cause a Denial of Service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "19.2",
"version_value": "19.2R2"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S2"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S1, 20.1R3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R2-S1, 20.2R3"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R1-S2, 20.3R2"
},
{
"version_affected": "!<",
"version_value": "19.2R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "20.1R2-S3-EVO"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R1-S2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "A vulnerable Junos OS configuration would need to have:\n [protocols ldp p2mp]\nand\n [protocols ldp traffic-statistics sensor-based-stats]\n\nFor Junos OS Evolved only:\n [protocols ldp p2mp]\nis need as sensor-based-stats is the default setting which can't be changed."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps.\nIf a system with sensor-based-stats enabled receives a specific LDP FEC this can lead to the above condition. \n\nContinued receipted of such an LDP FEC will create a sustained Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS\n19.2 version 19.2R2 and later versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R2-S1, 20.1R3;\n20.2 versions prior to 20.2R2-S1, 20.2R3;\n20.3 versions prior to 20.3R1-S2, 20.3R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 19.2R2.\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.1R2-S3-EVO;\n20.3 versions prior to 20.3R1-S2-EVO.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11225",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11225"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue in Junos OS: 19.2R3-S3, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2, 20.1R2-S1, 20.1R3, 20.2R2-S1, 20.2R3, 20.3R1-S2, 20.3R2, 20.4R1, and all subsequent releases.\n\nThe following software releases have been updated to resolve this specific issue in Junos OS Evolved: 20.1R2-S3-EVO, 20.3R1-S2-EVO, 20.4R1-EVO, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11225",
"defect": [
"1552041"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "For Junos OS turn off sensor-based-stats by deleting:\n\n [protocols ldp traffic-statistics sensor-based-stats]\n\nFor Junos OS Evolved mLDP will have to be turned off as sensor-based-stats is the default:\n\n [protocols ldp p2mp]"
}
]
}

188
2021/31xxx/CVE-2021-31364.json
View File

@ -1,18 +1,192 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31364",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: The flowd process will crash if log session-close is configured and specific traffic is received"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_value": "17.4R3-S5"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S2"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
},
{
"platform": "SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "This issue can only occur when logging for session-close is configured similar to the following example:\n\n [security policies from-zone untrust to-zone trust policy policy_name then log session-close]\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traffic to cause a crash of the flowd/srxpfe process, responsible for traffic forwarding in SRX, which will cause a Denial of Service (DoS).\nContinued receipt and processing of this specific traffic will create a sustained Denial of Service (DoS) condition.\n\nThis issue can only occur when specific packets are trying to create the same session and logging for session-close is configured as a policy action.\n\nAffected platforms are: SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2. Not affected platforms are: SRX4000 Series, SRX5000 Series with SPC3, and vSRX Series.\nThis issue affects Juniper Networks Junos OS SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2:\nAll versions prior to 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R2-S1, 20.3R3;\n20.4 versions prior to 20.4R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11226",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11226"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 17.4R3-S5, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11226",
"defect": [
"1571354"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Please remove the session-close log action from the policy actions of all policies."
}
]
}

344
2021/31xxx/CVE-2021-31365.json
View File

@ -1,18 +1,348 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31365",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: EX2300, EX3400 and EX4300 Series: An Aggregated Ethernet (AE) interface will go down due to a stream of specific layer 2 frames"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_value": "15.1R7-S7"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "16.1",
"version_value": "16.1R7-S8"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "17.1",
"version_value": "17.1R2-S12"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "17.2",
"version_value": "17.2R3-S4"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S8"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R2-S10, 17.4R3-S2"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S10"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R2-S7, 18.2R3-S3"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R2-S4, 18.3R3-S2"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S7, 18.4R2-S4, 18.4R3-S1"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R1-S5, 19.1R2-S1, 19.1R3"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S5, 19.2R2"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S2, 19.3R3"
},
{
"platform": "EX4300 Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S2, 19.4R2"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_value": "18.1R3-S12"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S7"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S4"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R2-S9, 18.4R3-S7"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R2-S3, 19.1R3-S4"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S1"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R3-S1"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S1"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3"
},
{
"platform": "EX3400 Series, EX4300-MP Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_value": "18.3R3-S5"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R2-S9, 18.4R3-S9"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R2-S3, 19.1R3-S6"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S7, 19.3R3-S3"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S5"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3-S1"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "EX2300 Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "This issue can only occur when the device is configured with Link Aggregation Control Protocol (LACP) in combination with Link Layer Discovery Protocol (LLDP).\n\nThe examples of minimum config stanza affected by this issue:\n [interfaces ae<X> aggregated-ether-options lacp]\nin combination with:\n [protocols lldp interface (all | ae<X>)]\n \n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet (AE) interface to go down and thereby causing a Denial of Service (DoS).\n\nBy continuously sending a stream of specific layer 2 frames an attacker will sustain the Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS EX4300 Series\nAll versions prior to 15.1R7-S7;\n16.1 versions prior to 16.1R7-S8;\n17.1 versions prior to 17.1R2-S12;\n17.2 versions prior to 17.2R3-S4;\n17.3 versions prior to 17.3R3-S8;\n17.4 versions prior to 17.4R2-S10, 17.4R3-S2;\n18.1 versions prior to 18.1R3-S10;\n18.2 versions prior to 18.2R2-S7, 18.2R3-S3;\n18.3 versions prior to 18.3R2-S4, 18.3R3-S2;\n18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3-S1;\n19.1 versions prior to 19.1R1-S5, 19.1R2-S1, 19.1R3;\n19.2 versions prior to 19.2R1-S5, 19.2R2;\n19.3 versions prior to 19.3R2-S2, 19.3R3;\n19.4 versions prior to 19.4R1-S2, 19.4R2.\n\nJuniper Networks Junos OS EX3400 and EX4300-MP Series\nAll versions prior to 18.1R3-S12;\n18.2 versions prior to 18.2R3-S7;\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R2-S9, 18.4R3-S7;\n19.1 versions prior to 19.1R2-S3, 19.1R3-S4;\n19.2 versions prior to 19.2R3-S1;\n19.3 versions prior to 19.3R3-S1;\n19.4 versions prior to 19.4R3-S1;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R2.\n\nJuniper Networks Junos OS EX2300 Series\nAll versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S9, 18.4R3-S9;\n19.1 versions prior to 19.1R2-S3, 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S7, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11227",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11227"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue in Junos OS \n\n- For EX4300 Series: 15.1R7-S7, 16.1R7-S8, 17.1R2-S12, 17.2R3-S4, 17.3R3-S8, 17.4R2-S10, 17.4R3-S2, 18.1R3-S10, 18.2R2-S7, 18.2R3-S3, 18.3R2-S4, 18.3R3-S2, 18.4R1-S7, 18.4R2-S4, 18.4R3-S1, 19.1R1-S5, 19.1R2-S1, 19.1R3, 19.2R2, 19.3R2-S2, 19.3R3, 19.4R1-S2, 19.4R2, 20.1R1, and all subsequent releases.\n\n- For EX3400 and EX4300-MP Series: 18.1R3-S12, 18.2R3-S7, 18.3R3-S4, 18.4R2-S9, 18.4R3-S7, 19.1R2-S3, 19.1R3-S4, 19.2R3-S1, 19.3R3-S1, 19.4R3-S1, 20.1R3, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\n\n -For EX2300 Series: 18.3R3-S5, 18.4R2-S9, 18.4R3-S9, 19.1R2-S3, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S7, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3-S1, 20.4R2-S1, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11227",
"defect": [
"1481911",
"1582255",
"1542530"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Disabling LLDP configuration will prevent this issue."
}
]
}

205
2021/31xxx/CVE-2021-31366.json
View File

@ -1,18 +1,209 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31366",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: MX Series: In subscriber management / BBE configuration authd can crash if a subscriber with a specific username tries to login leading to a DoS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S9"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S12"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R3-S5"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S13"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S8"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S1"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting (AAA) services on the MX devices and leads to a Denial of Service (DoS) condition.\nContinued receipted of these PPP login request will create a sustained Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3-S1;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-252"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11228",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11228"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 15.1R7-S9, 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R3-S3, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11228",
"defect": [
"1576182"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Please always configure a domain map none:\n\n [access domain map none]"
}
]
}

174
2021/31xxx/CVE-2021-31367.json
View File

@ -1,18 +1,178 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31367",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: PTX Series: An FPC heap memory leak will be triggered by certain Flowspec route operations which can lead to an FPC crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "PTX Series",
"version_affected": "<",
"version_value": "18.4R3-S9"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S7"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S6"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S1"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"platform": "PTX Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "This issue affects Junos OS devices with the BGP FlowSpec configured:\n\n [procotol bgp ... family inet flow]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets which cause an FPC heap memory leak. Once having run out of memory the FPC will crash and restart along with a core dump. \nContinued receipted of these packets will create a sustained Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS\nAll versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S7;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S6;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3-S1;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2.\n\nJuniper Networks Junos Evolved is not affected."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-401 Improper Release of Memory Before Removing Last Reference"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11229",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11229"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue in Junos OS: 18.4R3-S9, 19.1R3-S7, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11229",
"defect": [
"1589133"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

172
2021/31xxx/CVE-2021-31368.json
View File

@ -1,18 +1,176 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31368",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: EX2300 Series, EX3400 Series, and ACX710 might become unresponsive if the out-of-band management port receives a flood of traffic"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_value": "18.1R3-S13"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S8"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R2-S8, 18.4R3-S9"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S5"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S3"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
},
{
"platform": "EX2300 Series, EX3400 Series, ACX710",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port.\nContinued receipted of a flood will create a sustained Denial of Service (DoS) condition. Once the flood subsides the system will recover by itself.\n\nAn indication that the system is affected by this issue would be that kernel and netisr process are shown to be using a lot of CPU cycles like in the following example output:\n\n user@host> show system processes extensive \n ...\n PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND\n 16 root -72 - 0K 304K WAIT 1 839:40 88.96% intr{swi1: netisr 0}\n 0 root 97 - 0K 160K RUN 1 732:43 87.99% kernel{bcm560xgmac0 que}\nThis issue affects Juniper Networks JUNOS OS on EX2300 Series, EX3400 Series, and ACX710:\nAll versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S9;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R2-S1, 20.3R3;\n20.4 versions prior to 20.4R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11230",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11230"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 18.1R3-S13, 18.3R3-S5, 18.4R2-S8, 18.4R3-S9, 19.1R3-S5, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11230",
"defect": [
"1536800"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

186
2021/31xxx/CVE-2021-31369.json
View File

@ -1,18 +1,190 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31369",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: MX Series: Traffic drops will be observed if MS-MPC/MS-PIC resources are consumed by certain traffic causing a partial DoS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "MX Series",
"version_affected": "<",
"version_value": "17.4R3-S5"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S7, 19.3R3-S3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S5"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "A vulnerable configuration would need to contain:\n\n [services service-set service-set_name cos-rule-sets cos-rule-set_name]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service (DoS) with a high rate of specific traffic. If a Class of Service (CoS) rule is attached to the service-set and a high rate of specific traffic is processed by this service-set, for some of the other traffic which has services applied and is being processed by this MS-MPC/MS-MIC drops will be observed.\nContinued receipted of this high rate of specific traffic will create a sustained Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS on MX Series with MS-MPC/MS-MIC:\nAll versions prior to 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S7, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770 Allocation of Resources Without Limits or Throttling"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11231",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11231"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 17.4R3-S5, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S7, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11231",
"defect": [
"1582030"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

186
2021/31xxx/CVE-2021-31370.json
View File

@ -1,18 +1,190 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31370",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: QFX5000 Series and EX4600 Series: Control traffic might be dropped if a high rate of specific multicast traffic is received"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_value": "17.3R3-S12"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R3-S5"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S3"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S2, 20.4R3"
},
{
"platform": "QFX5000 Series, EX4600 Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incomplete List of Disallowed Inputs vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an adjacent unauthenticated attacker which sends a high rate of specific multicast traffic to cause control traffic received from the network to be dropped. This will impact control protocols (including but not limited to routing-protocols) and lead to a Denial of Service (DoS).\n\nContinued receipt of this specific multicast traffic will create a sustained Denial of Service (DoS) condition.\nThis issue affects Juniper Networks Junos OS on QFX5000 and EX4600 Series:\nAll versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S2, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-184: Incomplete List of Disallowed Inputs"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11232",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11232"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S12, 17.4R3-S5, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S2, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11232",
"defect": [
"1576488"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Please ensure you have a loopback filter applied to drop unneeded multicast traffic.\n\nYou can find further information on such filters in https://www.rfc-editor.org/rfc/rfc6192 and in \"Hardening Junos Devices, 2nd Edition\" at https://www.juniper.net/documentation/jnbooks/us/en/day-one-books"
}
]
}

178
2021/31xxx/CVE-2021-31371.json
View File

@ -1,18 +1,182 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31371",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: QFX5110 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_value": "17.3R3-S12"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S13"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R3-S5"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3-S1"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
},
{
"platform": "QFX5110 Series",
"version_affected": "<",
"version_name": "21.2",
"version_value": "21.2R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5110 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability.\n \n\n\nThis issue affects:\nJuniper Networks Junos OS on QFX5110 Series:\nAll versions prior to 17.3R3-S12;\n18.1 versions prior to 18.1R3-S13;\n18.3 versions prior to 18.3R3-S5;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2;\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11236",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11236"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S12, 18.1R3-S13, 18.3R3-S5, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3-S1, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11236",
"defect": [
"1561722"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Configure a firewall filter to discard packets sourced from the internal network.\n\nDisabling the net.transit_re sysctl flag will also cause management traffic forwarded to the PFE ports to be dropped:\n % sysctl -w net.transit_re=0\n\nNote that sysctl flags do not survive a reboot."
}
]
}

180
2021/31xxx/CVE-2021-31372.json
View File

@ -1,18 +1,184 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31372",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root. "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R3-S3"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S5"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3-S1"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3-S1"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2, 21.1R3"
},
{
"version_affected": "<",
"version_name": "21.2",
"version_value": "21.2R1-S1, 21.2R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The examples of the config stanza affected by this issue:\n\n [system services web-management]\n [system services web-management https]\n"
}
],
"credit": [
{
"lang": "eng",
"value": "Andy Coles of Microsoft MSRC Vulnerabilities and Mitigations Team"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device.\nThis issue affects:\nJuniper Networks Junos OS\nAll versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2, 21.1R3;\n21.2 versions prior to 21.2R1-S1, 21.2R2;\n\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11237",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11237"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R3-S3, 19.3R3-S3, 19.4R3-S5, 20.1R3-S1, 20.2R3-S2, 20.3R3-S1, 20.4R3, 21.1R2, 21.1R3, 21.2R1-S1, 21.2R2, 21.3R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11237",
"defect": [
"1594516"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.\n\nAlternatively, J-Web can be disabled."
}
]
}

175
2021/31xxx/CVE-2021-31373.json
View File

@ -1,18 +1,179 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31373",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: Persistent XSS vulnerability in J-Web"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S8"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S8"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S5"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S1"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The examples of the config stanza affected by this issue:\n\n [system services web-management]\n [system services web-management https]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A persistent Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos OS on SRX Series, J-Web interface may allow a remote authenticated user to inject persistent and malicious scripts. An attacker can exploit this vulnerability to steal sensitive data and credentials from a web administration session, or hijack another user's active session to perform administrative actions.\nThis issue affects:\nJuniper Networks Junos OS on SRX Series:\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3-S1;\n20.3 versions prior to 20.3R2-S1, 20.3R3.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11238",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11238"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 18.2R3-S8, 18.3R3-S5, 18.4R3-S8, 19.1R3-S5, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11238",
"defect": [
"1460162"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.\n\nAlternatively, J-Web can be disabled.\n"
}
]
}

192
2021/31xxx/CVE-2021-31374.json
View File

@ -1,18 +1,196 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31374",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: RPD crash while processing a specially crafted BGP UPDATE or KEEPALIVE message."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S11"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R2-S13, 17.4R3-S4"
},
{
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S12"
},
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R2-S8, 18.2R3-S7"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S4"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S7, 18.4R3-S7"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R1-S6, 19.1R2-S2, 19.1R3-S4"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S6, 19.2R3-S1"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S5, 19.3R3-S1"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S3, 19.4R3-S1"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R1-S1, 20.3R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal configuration is necessary:\n\n* Must be running Junos OS or Junos OS Evolved.\n* A BGP peering session is established."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). \nContinued receipt and processing of this message will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects both IBGP and EBGP deployments over IPv4 or IPv6.\nThis issue affects:\nJuniper Networks Junos OS:\n17.3 versions prior to 17.3R3-S11;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S4;\n18.1 versions prior to 18.1R3-S12;\n18.2 versions prior to 18.2R2-S8, 18.2R3-S7;\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7;\n19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4;\n19.2 versions prior to 19.2R1-S6, 19.2R3-S1;\n19.3 versions prior to 19.3R2-S5, 19.3R3-S1;\n19.4 versions prior to 19.4R1-S4, 19.4R1-S4, 19.4R2-S3, 19.4R3-S1;\n20.1 versions prior to 20.1R2;\n20.2 versions prior to 20.2R2;\n20.3 versions prior to 20.3R1-S1, 20.3R2.\n\nJuniper Networks Junos OS Evolved:\n20.3 versions prior to 20.3R2-EVO."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11239",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11239"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS: 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R2-S8, 18.3R3-S4, 18.4R1-S8, 18.4R2-S7, 18.4R3-S7, 19.1R1-S6, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S1, 19.3R2-S5, 19.3R3-S1, 19.4R1-S4, 19.4R2-S3, 19.4R3-S1, 20.1R2, 20.1R3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases.\n\nJunos OS Evolved: 20.3R2-EVO and all subsequent releases."
}
],
"source": {
"advisory": "JSA11239",
"defect": [
"1543234"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

175
2021/31xxx/CVE-2021-31375.json
View File

@ -1,18 +1,179 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31375",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "12.3",
"version_value": "12.3R12-S18"
},
{
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S9"
},
{
"version_affected": "<",
"version_name": "17.2",
"version_value": "17.2R3-S3"
},
{
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S7"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R2-S9, 17.4R3"
},
{
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S13"
},
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S3"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S1"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R2"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R2"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal configuration is necessary:\n\n* Must be running Junos OS.\n* A BGP peering session is established.\n* BGP Origin Validation is configured with RPKI.\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Input Validation vulnerability in routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI), allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed. This, in turn, may allow a spoofed advertisement to be accepted or propagated.\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S18;\n15.1 versions prior to 15.1R7-S9;\n17.2 versions prior to 17.2R3-S3;\n17.3 versions prior to 17.3R3-S7;\n17.4 versions prior to 17.4R2-S9, 17.4R3;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S3;\n18.3 versions prior to 18.3R3-S1;\n18.4 versions prior to 18.4R3;\n19.1 versions prior to 19.1R2;\n19.2 versions prior to 19.2R2;\n19.3 versions prior to 19.3R2.\n\n\n\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-358 Improperly Implemented Security Check for Standard"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11240",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11240"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S18, 15.1R7-S9, 17.2R3-S3, 17.3R3-S7, 17.4R2-S9, 17.4R3, 18.1R3-S13, 18.2R3-S3, 18.3R3-S1, 18.4R3, 19.1R2, 19.2R2, 19.3R2, 19.4R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11240",
"defect": [
"1463306"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

127
2021/31xxx/CVE-2021-31376.json
View File

@ -1,18 +1,131 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31376",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: ACX Series: Packet Forwarding Engine manager (FXPC) process crashes when processing DHCPv6 packets"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096",
"version_affected": "!<",
"version_name": "18.4",
"version_value": "18.4R3-S7"
},
{
"platform": "ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096",
"version_affected": ">=",
"version_name": "18.4",
"version_value": "18.4R3-S7"
},
{
"platform": "ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S8"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. \nContinued receipt and processing of this specific packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects only the following platforms in ACX Series:\nACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096 devices.\n\nOther ACX platforms are not affected from this issue.\nThis issue affects Juniper Networks Junos OS on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096:\n18.4 version 18.4R3-S7 and later versions prior to 18.4R3-S8.\n\nThis issue does not affect:\nJuniper Networks Junos OS 18.4 versions prior to 18.4R3-S7 on ACX500, ACX1000, ACX1100, ACX2100, ACX2200, ACX4000, ACX5048, ACX5096."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11241",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11241"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 18.4R3-S8.\n"
}
],
"source": {
"advisory": "JSA11241",
"defect": [
"1565716"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

184
2021/31xxx/CVE-2021-31377.json
View File

@ -1,18 +1,188 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31377",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: A local authenticated attacker can cause RPD to core"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S9"
},
{
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S12"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R2-S13, 17.4R3-S5"
},
{
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S13"
},
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S8"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R2-S8, 18.4R3-S7"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R2-S3, 19.1R3-S5"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S2"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S2"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R2-S3, 20.2R3"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R1-S1, 20.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the filesystem of Junos OS allows a local authenticated attacker to cause routing process daemon (RPD) to crash and restart, causing a Denial of Service (DoS). \n\nRepeated actions by the attacker will create a sustained Denial of Service (DoS) condition. \n\n\nThis issue affects:\nJuniper Networks Junos OS:\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S7;\n19.1 versions prior to 19.1R2-S3, 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R2-S3, 20.2R3;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R1-S1, 20.4R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11242",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11242"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 15.1R7-S9, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S7, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R3, 20.4R1-S1, 20.4R2, 21.1R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11242",
"defect": [
"1543261"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users."
}
]
}

205
2021/31xxx/CVE-2021-31378.json
View File

@ -1,18 +1,209 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31378",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: An attacker sending spoofed RADIUS messages to a Junos OS device configured for broadband services may cause broadband subscribers to remain stuck in a \"Terminating\" state."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S12"
},
{
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R3-S5"
},
{
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S13"
},
{
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S8"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R2-S8, 18.4R3-S9"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R1-S4, 19.4R3-S3"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S1"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
},
{
"version_affected": "!>=",
"version_name": "12.3",
"version_value": "12.3R1"
},
{
"version_affected": "!>=",
"version_name": "15.1",
"version_value": "15.1R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimum system configuration is necessary to be potentially exposed to this issue: \n\n* In broadband environments\n* In Enhanced Subscriber Management environment (i.e., \"system services subscriber-management enable\" is configured) \n* RADIUS server is configured for subscriber access (i.e., define RADIUS server at \"access radius-server\" or \"access profile <> radius-server\" hierarchy level)\n "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In broadband environments, including but not limited to Enhanced Subscriber Management, (CHAP, PPP, DHCP, etc.), on Juniper Networks Junos OS devices where RADIUS servers are configured for managing subscriber access and a subscriber is logged in and then requests to logout, the subscriber may be forced into a \"Terminating\" state by an attacker who is able to send spoofed messages appearing to originate from trusted RADIUS server(s) destined to the device in response to the subscriber's request. These spoofed messages cause the Junos OS General Authentication Service (authd) daemon to force the broadband subscriber into this \"Terminating\" state which the subscriber will not recover from thereby causing a Denial of Service (DoS) to the endpoint device. Once in the \"Terminating\" state, the endpoint subscriber will no longer be able to access the network. Restarting the authd daemon on the Junos OS device will temporarily clear the subscribers out of the \"Terminating\" state. As long as the attacker continues to send these spoofed packets and subscribers request to be logged out, the subscribers will be returned to the \"Terminating\" state thereby creating a persistent Denial of Service to the subscriber.\n\nAn indicator of compromise may be seen by displaying the output of \"show subscribers summary\". The presence of subscribers in the \"Terminating\" state may indicate the issue is occurring.\n\nThis issue affects:\nJuniper Networks Junos OS\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R1-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3-S1;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2.\n\nThis issue does not affect:\nJuniper Networks Junos OS\n12.3 version 12.3R1 and later versions;\n15.1 version 15.1R1 and later versions. \n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-772: Missing Release of Resource after Effective Lifetime"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11246",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11246"
},
{
"name": "https://www.juniper.net/documentation/us/en/software/junos/subscriber-mgmt-sessions/topics/topic-map/general-authentication-service-events-tracing.html",
"refsource": "MISC",
"url": "https://www.juniper.net/documentation/us/en/software/junos/subscriber-mgmt-sessions/topics/topic-map/general-authentication-service-events-tracing.html"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R1-S4, 19.4R3-S3, 20.1R3, 20.2R3-S1, 20.3R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases.\n\n\n"
}
],
"source": {
"advisory": "JSA11246",
"defect": [
"1583090"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

185
2021/31xxx/CVE-2021-31379.json
View File

@ -1,18 +1,189 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31379",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: MX Series: MPC 7/8/9/10/11 cards with MAP-E: PFE halts when an attacker sends malformed IPv4 or IPv6 traffic inside the MAP-E tunnel."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "MX Series",
"version_affected": ">=",
"version_name": "17.2",
"version_value": "17.2R1"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S9"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R2-S12, 17.4R3-S3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S11"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R2-S6, 18.2R3-S3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R2-S4, 18.3R3-S1"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S5, 18.4R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R1-S6, 19.1R2-S2, 19.1R3"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S5, 19.2R2"
},
{
"platform": "MX Series",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S5, 19.3R3"
},
{
"platform": "MX Series",
"version_affected": "!<",
"version_value": "17.2R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal configuration is necessary: \n\n [chassis fpc <fpc-number> pic <pic-number> inline-services bandwidth <bandwidth>]\n [interfaces <si-interface-name> unit <inside-logical-unit> family inet]\n [interfaces <si-interface-name> unit <inside-logical-unit> family inet6]\n [interfaces <si-interface-name> unit <inside-logical-unit> service-domain inside]\n [interfaces <si-interface-name> unit <outside-logical-unit> family inet]\n [interfaces <si-interface-name> unit <outside-logical-unit> family inet6]\n [interfaces <si-interface-name> unit <outside-logical-unit> service-domain outside]\n [services softwire softwire-concentrator map-e <mape-instance-name> version03]\n [services softwire softwire-concentrator map-e <mape-instance-name> softwire-address <IPv6-Address>]\n [services softwire softwire-concentrator map-e <mape-instance-name> ipv4-prefix <IPv4-Prefix> mape-prefix <IPv6-Prefix>]\n [services softwire softwire-concentrator map-e <mape-instance-name> ea-bits-len <0..48>]\n [services softwire softwire-concentrator map-e <mape-instance-name> psid-off[set <0..16>]\n [services softwire softwire-concentrator map-e <mape-instance-name> psid-length <0..16>]\n [services softwire softwire-concentrator map-e <mape-instance-name> mtu-ipv6 <1280..9192>]\n [services softwire softwire-concentrator map-e <mape-instance-name> v4-reassembly]\n [services softwire rule <mape-rule-name> match-direction input term <term-name> then map-e <mape-instance-name>]\n [services service-set <service-set-name> softwire-rules <mape-rule-name>]\n [services service-set <service-set-name> next-hop-service inside-service-interface <si-interface-name.inside-logical-unit> outside-service-interface <si-interface-name.outside-logical-unit>]\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial of Service (DoS) to the PFE on the device which is disabled as a result of the processing of these packets.\n\nContinued receipt and processing of these malformed IPv4 or IPv6 packets will create a sustained Denial of Service (DoS) condition. \n\nThis issue only affects MPC 7/8/9/10/11 cards, when MAP-E IP reassembly is enabled on these cards.\n\nAn indicator of compromise is the output: \n FPC [\"FPC ID\" # e.g. \"0\"]\n PFE #{PFE ID # e.g. \"1\"]\n : Fabric Disabled\n\nExample: \n FPC 0\n PFE #1\n : Fabric Disabled\n\nwhen using the command:\n show chassis fabric fpcs\n\nAn example of a healthy result of the command use would be: \n user@device-re1> show chassis fabric fpcs \n Fabric management FPC state:\n FPC 0\n PFE #0\n Plane 0: Plane enabled\n Plane 1: Plane enabled\n Plane 2: Plane enabled\n Plane 3: Plane enabled\n Plane 4: Plane enabled\n Plane 5: Plane enabled\n Plane 6: Plane enabled\n Plane 7: Plane enabled\nThis issue affects:\nJuniper Networks Junos OS on MX Series with MPC 7/8/9/10/11 cards, when MAP-E IP reassembly is enabled on these cards.\n17.2 version 17.2R1 and later versions;\n17.3 versions prior to 17.3R3-S9;\n17.4 versions prior to 17.4R2-S12, 17.4R3-S3;\n18.1 versions prior to 18.1R3-S11;\n18.2 versions prior to 18.2R2-S6, 18.2R3-S3;\n18.3 versions prior to 18.3R2-S4, 18.3R3-S1;\n18.4 versions prior to 18.4R1-S8, 18.4R2-S5, 18.4R3;\n19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3;\n19.2 versions prior to 19.2R1-S5, 19.2R2;\n19.3 versions prior to 19.3R2-S5, 19.3R3.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 17.2R1."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-696 Incorrect Behavior Order"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11247",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11247"
},
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/map-e-configuring.html",
"refsource": "MISC",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/map-e-configuring.html"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S9, 17.4R2-S12, 17.4R3-S3, 18.1R3-S11, 18.2R2-S6, 18.2R3-S3, 18.3R2-S4, 18.3R3-S1, 18.4R1-S8, 18.4R2-S5, 18.4R3, 19.1R1-S6, 19.1R2-S2, 19.1R3, 19.2R1-S5, 19.2R2, 19.3R2-S5, 19.3R3, 19.4R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11247",
"defect": [
"1468454"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "To work around this issue customers can either:\n\n1. Disable Mapping of Address and port - Encapsulation (MAP-E) as an inline service on MX Series routers that use MPC and MIC interfaces.\n\nor\n\n2. Determine where the MAP-E v4 or v6 reassembly exists, review the following hierarchies and disable the \"v4-reassembly;\" and \"v6-reassembly;\" options where they exist:\n\n [services softwire softwire-concentrator]\n [services softwires softwire-types]\n [security softwires]\n\nand the following syntaxes: \n\n map-e name {\n v4-reassembly; <<<<< DISABLE the v4-reassembly option.\n v6-reassembly; <<<<< DISABLE the v6-reassembly option.\n }\n"
}
]
}

118
2021/31xxx/CVE-2021-31380.json
View File

@ -1,18 +1,122 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31380",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "SRC Series: A remote attacker sending a specially crafted query may cause the web server to disclose sensitive information"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SRC Series",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.12.0R5"
},
{
"version_affected": "<",
"version_name": "4.13.0",
"version_value": "4.13.0R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive information."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-16 Configuration"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11248",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11248"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 4.12.0R5, 4.13.0R3, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11248",
"defect": [
"1487222"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue.\n\nTo reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts."
}
]
}

118
2021/31xxx/CVE-2021-31381.json
View File

@ -1,18 +1,122 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31381",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "SRC Series: A remote attacker sending a specially crafted query may cause the web server to delete files"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SRC Series",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "4.12.0R5"
},
{
"version_affected": "<",
"version_name": "4.13.0",
"version_value": "4.13.0R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-16 Configuration"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11248",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11248"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 4.12.0R5, 4.13.0R3, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11248",
"defect": [
"1487223"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue.\n\nTo reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts."
}
]
}

281
2021/31xxx/CVE-2021-31382.json
View File

@ -1,18 +1,285 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31382",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: PTX1000 System, PTX10002-60C System: After upgrading, configured firewall filters may be applied on incorrect interfaces"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "PTX1000 System",
"version_affected": ">=",
"version_name": "17.2",
"version_value": "17.2R1"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S12"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "17.4",
"version_value": "17.4R3-S5"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "18.1",
"version_value": "18.1R3-S13"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "18.2",
"version_value": "18.2R3-S8"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S8, 18.4R3-S8"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S5"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S2"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R2-S4, 19.4R3-S3"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R2-S3, 20.2R3"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-S1, 20.3R3"
},
{
"platform": "PTX1000 System",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R1-S1, 20.4R2"
},
{
"platform": "PTX1000 System",
"version_affected": "!<",
"version_value": "17.2R1"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "PTX10002-60C System",
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"platform": "PTX10002-60C System",
"version_affected": ">",
"version_name": "19.1",
"version_value": "19.1R1"
},
{
"platform": "PTX10002-60C System",
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R2-S5, 19.4R3-S5"
},
{
"platform": "PTX10002-60C System",
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3-S1"
},
{
"platform": "PTX10002-60C System",
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"platform": "PTX10002-60C System",
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3-S1"
},
{
"platform": "PTX10002-60C System",
"version_affected": ">=",
"version_name": "20.4",
"version_value": "20.4R1"
},
{
"platform": "PTX10002-60C System",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R2"
},
{
"platform": "PTX10002-60C System",
"version_affected": ">=",
"version_name": "21.2",
"version_value": "21.2R1"
},
{
"platform": "PTX10002-60C System",
"version_affected": "<",
"version_name": "21.3",
"version_value": "21.3R2"
},
{
"platform": "PTX10002-60C System",
"version_affected": "!<",
"version_name": "18.2",
"version_value": "18.2R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "Configuration examples for firewall filtering are posted on the support site and in the product documentation."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) of Juniper Networks Junos OS, may update the device's interfaces with incorrect firewall filters. This issue only occurs when upgrading the device to an affected version of Junos OS.\n\nInterfaces intended to have protections may have no protections assigned to them. Interfaces with one type of protection pattern may have alternate protections assigned to them. Interfaces intended to have no protections may have protections assigned to them.\n\nThese firewall rule misassignments may allow genuine traffic intended to be stopped at the interface to propagate further, potentially causing disruptions in services by propagating unwanted traffic. An attacker may be able to take advantage of these misassignments.\n\nThis issue affects Juniper Networks Junos OS on PTX1000 System:\n17.2 versions 17.2R1 and later versions prior to 17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R2-S3, 20.2R3;\n20.3 versions prior to 20.3R2-S1, 20.3R3;\n20.4 versions prior to 20.4R1-S1, 20.4R2.\n\nThis issue does not affect Juniper Networks Junos OS prior to version 17.2R1 on PTX1000 System.\n\nThis issue affects Juniper Networks Junos OS on PTX10002-60C System:\n18.2 versions 18.2R1 and later versions prior to 18.4 versions prior to 18.4R3-S9;\n19.1 versions later than 19.1R1 prior to 19.4 versions prior to 19.4R2-S5, 19.4R3-S5;\n20.1 versions prior to 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions 20.4R1 and later versions prior to 21.1 versions prior to 21.1R2;\n21.2 versions 21.2R1 and later versions prior to 21.3 versions prior to 21.3R2.\n\nThis issue does not affect Juniper Networks Junos OS prior to version 18.2R1 on PTX10002-60C System.\n \nThis issue impacts all filter families (inet, inet6, etc.) and all loopback filters.\n\nIt does not rely upon the location where a filter is set, impacting both logical and physical interfaces.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11250",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11250"
},
{
"name": "https://kb.juniper.net/KB10956",
"refsource": "MISC",
"url": "https://kb.juniper.net/KB10956"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS on PTX1000 System: 17.3R3-S12, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R1-S8, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R2-S4, 19.4R3-S3, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R1-S1, 20.4R2, 21.1R1, and all subsequent releases.\n\nJunos OS on PTX10002-60C System: 18.4R3-S9, 19.4R2-S5, 19.4R3-S5, 20.1R3-S1, 20.2R3-S2, 20.3R3-S1, 21.1R2, 21.3R2, 21.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11250",
"defect": [
"1517804",
"1602292"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Restart the firewall daemon after the system has rebooted after the upgrade. \n"
}
]
}

179
2021/31xxx/CVE-2021-31383.json
View File

@ -1,18 +1,183 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31383",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core. "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S2"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S2"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R2-S3, 20.2R3"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"version_affected": "!<",
"version_value": "19.2R1"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3-EVO"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-EVO"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following configuration is required for Junos OS:\n [protocols ldp p2mp]\n [protocols ldp interface \"interface\"]\n [protocols ldp traffic-statistics {sensor-based-stats;}]\n\nThe following configuration is required for Junos OS Evolved: \n [configuration protocols ldp p2mp]\n [configuration protocols ldp interface \"interface\"]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). \n\nContinued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJuniper Networks Junos OS\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R2-S3, 20.2R3;\n20.3 versions prior to 20.3R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 19.2R1.\n\nJuniper Networks Junos OS Evolved\n20.1 versions prior to 20.1R3-EVO;\n20.2 versions prior to 20.2R3-EVO;\n20.3 versions prior to 20.3R2-EVO.\n\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "improper usage of a source to destination copy write operation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11251",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11251"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\n\nJunos OS Evolved: 20.1R3-EVO, 20.2R3-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA11251",
"defect": [
"1558672"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "For Junos OS you can remove the traffic-statistics from the configuration to work around this issue.\n\n [protoccols ldp traffic-statistics {sensor-based-stats;}]\n\nFor Junos OS Evolved there are no viable workarounds for this issue."
}
]
}

161
2021/31xxx/CVE-2021-31384.json
View File

@ -1,18 +1,165 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31384",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": ">=",
"version_name": "20.4",
"version_value": "20.4R1"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"platform": "SRX Series",
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
},
{
"platform": "SRX Series",
"version_affected": "!<",
"version_value": "20.4R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal configuration is necessary: \n\n [system services web-management http]\nor\n [system services web-management https] "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any device interface regardless of the web-management configuration and filter rules which may otherwise protect access to J-Web.\n \nThis issue affects:\nJuniper Networks Junos OS SRX Series\n20.4 version 20.4R1 and later versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 20.4R1. "
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-551: Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-939: Improper Authorization in Handler for Custom URL Scheme"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-1220: Insufficient Granularity of Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11252",
"defect": [
"1577816"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue other than disabling J-Web."
}
]
}

179
2021/31xxx/CVE-2021-31385.json
View File

@ -1,18 +1,183 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31385",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: J-Web: A path traversal vulnerability allows an authenticated attacker to elevate their privileges to root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "EX Series",
"version_affected": "<",
"version_name": "12.3",
"version_value": "12.3R12-S19"
},
{
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S10"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R3-S3"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S5"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R2-S2, 20.1R3-S1"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R2-S1, 20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal configuration is necessary: \n\n [system services web-management http]\nor\n [system services web-management https]"
}
],
"credit": [
{
"lang": "eng",
"value": "Andy Coles of Microsoft MSRC Vulnerabilities and Mitigations Team"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J-Web of Juniper Networks Junos OS allows any low-privileged authenticated attacker to elevate their privileges to root.\n\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S19;\n15.1 versions prior to 15.1R7-S10;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11253",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11253"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA11253",
"defect": [
"1591145"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for these issues other than disabling J-Web.\n\nTo reduce the risk of exploitation of these issues, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users."
}
]
}

207
2021/31xxx/CVE-2021-31386.json
View File

@ -1,18 +1,211 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
"ID": "CVE-2021-31386",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "12.3",
"version_value": "12.3R12-S20"
},
{
"version_affected": "<",
"version_name": "15.1",
"version_value": "15.1R7-S11"
},
{
"version_affected": "<",
"version_name": "18.3",
"version_value": "18.3R3-S6"
},
{
"version_affected": "<",
"version_name": "18.4",
"version_value": "18.4R3-S10"
},
{
"version_affected": "<",
"version_name": "19.1",
"version_value": "19.1R3-S7"
},
{
"version_affected": "<",
"version_name": "19.2",
"version_value": "19.2R3-S4"
},
{
"version_affected": "<",
"version_name": "19.3",
"version_value": "19.3R3-S4"
},
{
"version_affected": "<",
"version_name": "19.4",
"version_value": "19.4R3-S6"
},
{
"version_affected": "<",
"version_name": "20.1",
"version_value": "20.1R3-S2"
},
{
"version_affected": "<",
"version_name": "20.2",
"version_value": "20.2R3-S3"
},
{
"version_affected": "<",
"version_name": "20.3",
"version_value": "20.3R3-S1"
},
{
"version_affected": "<",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "<",
"version_name": "21.1",
"version_value": "21.1R3"
},
{
"version_affected": "<",
"version_name": "21.2",
"version_value": "21.2R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The device must have J-Web's HTTP services enabled to be susceptible to this issue:\n\n [system services web-management http]\n"
}
],
"credit": [
{
"lang": "eng",
"value": " Andy Coles of Microsoft MSRC Vulnerabilities and Mitigations Team"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device.\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S20;\n15.1 versions prior to 15.1R7-S11;\n18.3 versions prior to 18.3R3-S6;\n18.4 versions prior to 18.4R3-S10;\n19.1 versions prior to 19.1R3-S7;\n19.2 versions prior to 19.2R3-S4;\n19.3 versions prior to 19.3R3-S4;\n19.4 versions prior to 19.4R3-S6;\n20.1 versions prior to 20.1R3-S2;\n20.2 versions prior to 20.2R3-S3;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R3;\n21.2 versions prior to 21.2R2."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-311: Missing Encryption of Sensitive Data"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-325: Missing Cryptographic Step "
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-693: Protection Mechanism Failure"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11254",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11254"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S20, 15.1R7-S11, 18.3R3-S6, 18.4R3-S10, 19.1R3-S7, 19.2R3-S4, 19.3R3-S4, 19.4R3-S6, 20.1R3-S2, 20.2R3-S3, 20.3R3-S1, 20.4R3, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases.\n\nNote: Use of HTTP must also be discontinued."
}
],
"source": {
"advisory": "JSA11254",
"defect": [
"1603199"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Discontinue the use of HTTP, instead use HTTPS when using J-Web.\n\n [system services web-management https]\n"
}
]
}