admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-01-10 17:05:25 -05:00
parent e1432c5e6f
commit 58dbe76c23
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
30 changed files with 1107 additions and 1107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2017/11xxx/CVE-2017-11003.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "While updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size."
}
]
},

2
2017/11xxx/CVE-2017-11066.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "While flashing ubi image an uninitialized memory could be accessed."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing ubi image an uninitialized memory could be accessed."
}
]
},

2
2017/11xxx/CVE-2017-11079.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "While processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size."
}
]
},

2
2017/11xxx/CVE-2017-11080.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "While processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296."
}
]
},

2
2017/11xxx/CVE-2017-11081.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "There is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can hold maximum 32 bytes but data more than 32 bytes can get copied."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can hold maximum 32 bytes but data more than 32 bytes can get copied."
}
]
},

2
2017/14xxx/CVE-2017-14869.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "While performing update of FOTA partition, uninitialized data can be pushed to storage."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while performing update of FOTA partition, uninitialized data can be pushed to storage."
}
]
},

2
2017/14xxx/CVE-2017-14870.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "While updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked."
}
]
},

2
2017/14xxx/CVE-2017-14873.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "In the pp_pgc_get_config() graphics driver function, a kernel memory overwrite can potentially occur."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the pp_pgc_get_config() graphics driver function, a kernel memory overwrite can potentially occur."
}
]
},

2
2017/14xxx/CVE-2017-14879.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "By calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver."
}
]
},

2
2017/15xxx/CVE-2017-15845.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "An invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation."
}
]
},

2
2017/15xxx/CVE-2017-15847.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "In the SPCom kernel driver, a race condition exists when creating a channel."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the SPCom kernel driver, a race condition exists when creating a channel."
}
]
},

2
2017/15xxx/CVE-2017-15848.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "In the fastrpc kernel driver, a buffer overflow vulnerability from userspace may potentially exist."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the fastrpc kernel driver, a buffer overflow vulnerability from userspace may potentially exist."
}
]
},

2
2017/15xxx/CVE-2017-15850.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Userspace can read values from audio codec registers."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, userspace can read values from audio codec registers."
}
]
},

2
2017/9xxx/CVE-2017-9689.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "A specially-crafted HDMI CEC message can be used to cause stack memory corruption."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message can be used to cause stack memory corruption."
}
]
},

2
2017/9xxx/CVE-2017-9705.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping and corrupting the next and previous pointers."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping and corrupting the next and previous pointers."
}
]
},

2
2017/9xxx/CVE-2017-9712.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "If userspace provides a too-large IE length in wlan_hdd_cfg80211_set_ie, a buffer over-read occurs."
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE length in wlan_hdd_cfg80211_set_ie, a buffer over-read occurs."
}
]
},

176
2018/0xxx/CVE-2018-0001.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0001",
"STATE": "PUBLIC",
"TITLE": "Junos: Unauthenticated Remote Code Execution through J-Web interface"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0001",
"STATE" : "PUBLIC",
"TITLE" : "Junos: Unauthenticated Remote Code Execution through J-Web interface"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "12.1X46",
"version_value": "12.1X46-D67"
"affected" : "<",
"version_name" : "12.1X46",
"version_value" : "12.1X46-D67"
},
{
"affected": "<",
"version_name": "12.3",
"version_value": "12.3R12-S5"
"affected" : "<",
"version_name" : "12.3",
"version_value" : "12.3R12-S5"
},
{
"affected": "<",
"version_name": "12.3X48",
"version_value": "12.3X48-D35"
"affected" : "<",
"version_name" : "12.3X48",
"version_value" : "12.3X48-D35"
},
{
"affected": "<",
"version_name": "14.1",
"version_value": "14.1R8-S5, 14.1R9"
"affected" : "<",
"version_name" : "14.1",
"version_value" : "14.1R8-S5, 14.1R9"
},
{
"affected": "<",
"version_name": "14.1X53",
"version_value": "14.1X53-D44, 14.1X53-D50"
"affected" : "<",
"version_name" : "14.1X53",
"version_value" : "14.1X53-D44, 14.1X53-D50"
},
{
"affected": "<",
"version_name": "14.2",
"version_value": "14.2R7-S7, 14.2R8"
"affected" : "<",
"version_name" : "14.2",
"version_value" : "14.2R7-S7, 14.2R8"
},
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1R3"
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1R3"
},
{
"affected": "<",
"version_name": "15.1X49",
"version_value": "15.1X49-D30"
"affected" : "<",
"version_name" : "15.1X49",
"version_value" : "15.1X49-D30"
},
{
"affected": "<",
"version_name": "15.1X53",
"version_value": "15.1X53-D70"
"affected" : "<",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D70"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "Cure53 for responsibly reporting this vulnerability."
"lang" : "eng",
"value" : "Cure53 for responsibly reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process.\n\n\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions prior to 12.1X46-D67;\n12.3 versions prior to 12.3R12-S5;\n12.3X48 versions prior to 12.3X48-D35;\n14.1 versions prior to 14.1R8-S5, 14.1R9;\n14.1X53 versions prior to 14.1X53-D44, 14.1X53-D50;\n14.2 versions prior to 14.2R7-S7, 14.2R8;\n15.1 versions prior to 15.1R3;\n15.1X49 versions prior to 15.1X49-D30;\n15.1X53 versions prior to 15.1X53-D70."
"lang" : "eng",
"value" : "A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D67; 12.3 versions prior to 12.3R12-S5; 12.3X48 versions prior to 12.3X48-D35; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D44, 14.1X53-D50; 14.2 versions prior to 14.2R7-S7, 14.2R8; 15.1 versions prior to 15.1R3; 15.1X49 versions prior to 15.1X49-D30; 15.1X53 versions prior to 15.1X53-D70."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Remote code execution"
"lang" : "eng",
"value" : "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10828"
"url" : "https://kb.juniper.net/JSA10828"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D67, 12.3R12-S8*, 12.3X48-D55, 14.1R8-S5, 14.1R9, 14.1X53-D44, 14.1X53-D50, 14.2R7-S7, 14.2R8, 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R7, 15.1X49-D100, 15.1X53-D70, 16.1R4-S6, 16.1R5, 16.2R2-S2, 16.2R3, 17.1R2-S5*, 17.1R3*, 17.2R2, 17.3R1, and all subsequent releases.\n\n*Pending release\n\nNOTE: While Junos OS 12.3R12-S5, 12.3X48-D35, 15.1F2+, 15.1R3, 15.1X49-D30, and all subsequent releases are not vulnerable, this issue has been proactively resolved.\n"
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D67, 12.3R12-S8*, 12.3X48-D55, 14.1R8-S5, 14.1R9, 14.1X53-D44, 14.1X53-D50, 14.2R7-S7, 14.2R8, 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R7, 15.1X49-D100, 15.1X53-D70, 16.1R4-S6, 16.1R5, 16.2R2-S2, 16.2R3, 17.1R2-S5*, 17.1R3*, 17.2R2, 17.3R1, and all subsequent releases.\n\n*Pending release\n\nNOTE: While Junos OS 12.3R12-S5, 12.3X48-D35, 15.1F2+, 15.1R3, 15.1X49-D30, and all subsequent releases are not vulnerable, this issue has been proactively resolved.\n"
}
],
"source": {
"advisory": "JSA10828",
"defect": [
"source" : {
"advisory" : "JSA10828",
"defect" : [
"1269932"
],
"discovery": "EXTERNAL"
"discovery" : "EXTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "Disable J-Web, or limit access to only trusted hosts."
"lang" : "eng",
"value" : "Disable J-Web, or limit access to only trusted hosts."
}
]
}
}

202
2018/0xxx/CVE-2018-0002.json
View File

@ -1,168 +1,168 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0002",
"STATE": "PUBLIC",
"TITLE": "MX series, SRX series: Junos OS: Denial of service vulnerability in Flowd on devices with ALG enabled."
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0002",
"STATE" : "PUBLIC",
"TITLE" : "MX series, SRX series: Junos OS: Denial of service vulnerability in Flowd on devices with ALG enabled."
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"platform": "SRX series",
"version_name": "12.1X46",
"version_value": "12.1X46-D60"
"affected" : "<",
"platform" : "SRX series",
"version_name" : "12.1X46",
"version_value" : "12.1X46-D60"
},
{
"affected": "<",
"platform": "SRX series",
"version_name": "12.3X48",
"version_value": "12.3X48-D35"
"affected" : "<",
"platform" : "SRX series",
"version_name" : "12.3X48",
"version_value" : "12.3X48-D35"
},
{
"affected": "<",
"platform": "MX series",
"version_name": "14.1",
"version_value": "14.1R9"
"affected" : "<",
"platform" : "MX series",
"version_name" : "14.1",
"version_value" : "14.1R9"
},
{
"affected": "<",
"platform": "MX series",
"version_name": "14.2",
"version_value": "14.2R8"
"affected" : "<",
"platform" : "MX series",
"version_name" : "14.2",
"version_value" : "14.2R8"
},
{
"affected": "<",
"platform": "SRX series",
"version_name": "15.1X49",
"version_value": "15.1X49-D60"
"affected" : "<",
"platform" : "SRX series",
"version_name" : "15.1X49",
"version_value" : "15.1X49-D60"
},
{
"affected": "<",
"platform": "MX series",
"version_name": "15.1",
"version_value": "15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7"
"affected" : "<",
"platform" : "MX series",
"version_name" : "15.1",
"version_value" : "15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7"
},
{
"affected": "<",
"platform": "MX series",
"version_name": "16.1",
"version_value": "16.1R6"
"affected" : "<",
"platform" : "MX series",
"version_name" : "16.1",
"version_value" : "16.1R6"
},
{
"affected": "<",
"platform": "MX series",
"version_name": "16.2",
"version_value": "16.2R3"
"affected" : "<",
"platform" : "MX series",
"version_name" : "16.2",
"version_value" : "16.2R3"
},
{
"affected": "<",
"platform": "MX series",
"version_name": "17.1",
"version_value": "17.1R2-S4, 17.1R3"
"affected" : "<",
"platform" : "MX series",
"version_name" : "17.1",
"version_value" : "17.1R2-S4, 17.1R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"configuration": [
"configuration" : [
{
"lang": "eng",
"value": "This issue affects any enabled IPv4 ALG. "
"lang" : "eng",
"value" : "This issue affects any enabled IPv4 ALG. "
},
{
"lang": "eng",
"value": "This issue only affects IPv4. This issue does not affect IPv6."
"lang" : "eng",
"value" : "This issue only affects IPv4. This issue does not affect IPv6."
},
{
"lang": "eng",
"value": "This issue affects unicast traffic only."
"lang" : "eng",
"value" : "This issue affects unicast traffic only."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in an extended Denial of Service condition.\n\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions prior to 12.1X46-D60 on SRX series;\n12.3X48 versions prior to 12.3X48-D35 on SRX series;\n14.1 versions prior to 14.1R9 on MX series;\n14.2 versions prior to 14.2R8 on MX series;\n15.1X49 versions prior to 15.1X49-D60 on SRX series;\n15.1 versions prior to 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 on MX series;\n16.1 versions prior to 16.1R6 on MX series;\n16.2 versions prior to 16.2R3 on MX series;\n17.1 versions prior to 17.1R2-S4, 17.1R3 on MX series.\nNo other Juniper Networks products or platforms are affected by this issue.\n"
"lang" : "eng",
"value" : "On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in an extended Denial of Service condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D60 on SRX series; 12.3X48 versions prior to 12.3X48-D35 on SRX series; 14.1 versions prior to 14.1R9 on MX series; 14.2 versions prior to 14.2R8 on MX series; 15.1X49 versions prior to 15.1X49-D60 on SRX series; 15.1 versions prior to 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 on MX series; 16.1 versions prior to 16.1R6 on MX series; 16.2 versions prior to 16.2R3 on MX series; 17.1 versions prior to 17.1R2-S4, 17.1R3 on MX series. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 8.2,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "denial of service"
"lang" : "eng",
"value" : "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10829"
"url" : "https://kb.juniper.net/JSA10829"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D60, 12.3X48-D35, 14.1R9, 14.2R8, 15.1X49-D60, 15.1R5-S8, 15.1R6-S4, 15.1F6-S9, 15.1R7, 16.1R6, 16.2R3, 17.1R2-S4, 17.1R3, 17.2R1 and all subsequent releases.\n\n"
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D60, 12.3X48-D35, 14.1R9, 14.2R8, 15.1X49-D60, 15.1R5-S8, 15.1R6-S4, 15.1F6-S9, 15.1R7, 16.1R6, 16.2R3, 17.1R2-S4, 17.1R3, 17.2R1 and all subsequent releases.\n\n"
}
],
"source": {
"advisory": "JSA10829",
"defect": [
"source" : {
"advisory" : "JSA10829",
"defect" : [
"1183181"
],
"discovery": "USER"
"discovery" : "USER"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "Disable IPv4 ALG's on affected devices.\n"
"lang" : "eng",
"value" : "Disable IPv4 ALG's on affected devices.\n"
}
]
}
}

206
2018/0xxx/CVE-2018-0003.json
View File

@ -1,175 +1,175 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0003",
"STATE": "PUBLIC",
"TITLE": "Junos OS: A crafted MPLS packet may lead to a kernel crash"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0003",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: A crafted MPLS packet may lead to a kernel crash"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "12.1X46",
"version_value": "12.1X46-D71"
"affected" : "<",
"version_name" : "12.1X46",
"version_value" : "12.1X46-D71"
},
{
"affected": "<",
"version_name": "12.3R12",
"version_value": "12.3R12-S7"
"affected" : "<",
"version_name" : "12.3R12",
"version_value" : "12.3R12-S7"
},
{
"affected": "<",
"version_name": "12.3X48",
"version_value": "12.3X48-D55"
"affected" : "<",
"version_name" : "12.3X48",
"version_value" : "12.3X48-D55"
},
{
"affected": "<",
"version_name": "14.1",
"version_value": "14.1R8-S5, 14.1R9"
"affected" : "<",
"version_name" : "14.1",
"version_value" : "14.1R8-S5, 14.1R9"
},
{
"affected": "<",
"version_name": "14.1X53",
"version_value": "14.1X53-D45, 14.1X53-D107"
"affected" : "<",
"version_name" : "14.1X53",
"version_value" : "14.1X53-D45, 14.1X53-D107"
},
{
"affected": "<",
"version_name": "14.2",
"version_value": "14.2R7-S7, 14.2R8"
"affected" : "<",
"version_name" : "14.2",
"version_value" : "14.2R7-S7, 14.2R8"
},
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7"
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7"
},
{
"affected": "<",
"version_name": "15.1X49",
"version_value": "15.1X49-D100"
"affected" : "<",
"version_name" : "15.1X49",
"version_value" : "15.1X49-D100"
},
{
"affected": "<",
"version_name": "15.1X53",
"version_value": "15.1X53-D65, 15.1X53-D231"
"affected" : "<",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D65, 15.1X53-D231"
},
{
"affected": "<",
"version_name": "16.1",
"version_value": "16.1R3-S6, 16.1R4-S6, 16.1R5"
"affected" : "<",
"version_name" : "16.1",
"version_value" : "16.1R3-S6, 16.1R4-S6, 16.1R5"
},
{
"affected": "<",
"version_name": "16.1X65",
"version_value": "16.1X65-D45"
"affected" : "<",
"version_name" : "16.1X65",
"version_value" : "16.1X65-D45"
},
{
"affected": "<",
"version_name": "16.2",
"version_value": "16.2R2-S1, 16.2R3"
"affected" : "<",
"version_name" : "16.2",
"version_value" : "16.2R2-S1, 16.2R3"
},
{
"affected": "<",
"version_name": "17.1",
"version_value": "17.1R2-S2, 17.1R3"
"affected" : "<",
"version_name" : "17.1",
"version_value" : "17.1R2-S2, 17.1R3"
},
{
"affected": "<",
"version_name": "17.2",
"version_value": "17.2R1-S3, 17.2R2"
"affected" : "<",
"version_name" : "17.2",
"version_value" : "17.2R1-S3, 17.2R2"
},
{
"affected": "<",
"version_name": "17.2X75",
"version_value": "17.2X75-D50"
"affected" : "<",
"version_name" : "17.2X75",
"version_value" : "17.2X75-D50"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is accessed, this may result in a kernel crash leading to a denial of service.\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions prior to 12.1X46-D71;\n12.3R12 versions prior to 12.3R12-S7;\n12.3X48 versions prior to 12.3X48-D55;\n14.1 versions prior to 14.1R8-S5, 14.1R9;\n14.1X53 versions prior to 14.1X53-D45, 14.1X53-D107;\n14.2 versions prior to 14.2R7-S7, 14.2R8;\n15.1 versions prior to 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7;\n15.1X49 versions prior to 15.1X49-D100;\n15.1X53 versions prior to 15.1X53-D65, 15.1X53-D231;\n16.1 versions prior to 16.1R3-S6, 16.1R4-S6, 16.1R5;\n16.1X65 versions prior to 16.1X65-D45;\n16.2 versions prior to 16.2R2-S1, 16.2R3;\n17.1 versions prior to 17.1R2-S2, 17.1R3;\n17.2 versions prior to 17.2R1-S3, 17.2R2;\n17.2X75 versions prior to 17.2X75-D50.\nNo other Juniper Networks products or platforms are affected by this issue.\n"
"lang" : "eng",
"value" : "A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is accessed, this may result in a kernel crash leading to a denial of service. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71; 12.3R12 versions prior to 12.3R12-S7; 12.3X48 versions prior to 12.3X48-D55; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D45, 14.1X53-D107; 14.2 versions prior to 14.2R7-S7, 14.2R8; 15.1 versions prior to 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7; 15.1X49 versions prior to 15.1X49-D100; 15.1X53 versions prior to 15.1X53-D65, 15.1X53-D231; 16.1 versions prior to 16.1R3-S6, 16.1R4-S6, 16.1R5; 16.1X65 versions prior to 16.1X65-D45; 16.2 versions prior to 16.2R2-S1, 16.2R3; 17.1 versions prior to 17.1R2-S2, 17.1R3; 17.2 versions prior to 17.2R1-S3, 17.2R2; 17.2X75 versions prior to 17.2X75-D50. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Denial of Service"
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10831"
"url" : "https://kb.juniper.net/JSA10831"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3R12-S7, 12.3X48-D55, 14.1R8-S5, 14.1R9, 14.1X53-D45, 14.1X53-D107, 14.2R7-S7, 14.2R8, 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7, 15.1X49-D100, 15.1X53-D65, 15.1X53-D231, 16.1R3-S6, 16.1R4-S6, 16.1R5, 16.1R3-S6, 16.1R4-S6, 16.1R5, 16.1X65-D45, 16.2R2-S1, 16.2R3, 17.1R2-S2, 17.1R3, 17.2R1-S3, 17.2R2, 17.2X75-D50, 17.3R1, and all subsequent releases.\n"
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3R12-S7, 12.3X48-D55, 14.1R8-S5, 14.1R9, 14.1X53-D45, 14.1X53-D107, 14.2R7-S7, 14.2R8, 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7, 15.1X49-D100, 15.1X53-D65, 15.1X53-D231, 16.1R3-S6, 16.1R4-S6, 16.1R5, 16.1R3-S6, 16.1R4-S6, 16.1R5, 16.1X65-D45, 16.2R2-S1, 16.2R3, 17.1R2-S2, 17.1R3, 17.2R1-S3, 17.2R2, 17.2X75-D50, 17.3R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10831",
"defect": [
"source" : {
"advisory" : "JSA10831",
"defect" : [
"1276786"
],
"discovery": "USER"
"discovery" : "USER"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "Disallow MPLS packets from reaching the device.\nRemove MPLS configuration stanzas from interface configurations that are at risk.\nNo other viable workarounds exist for this issue."
"lang" : "eng",
"value" : "Disallow MPLS packets from reaching the device.\nRemove MPLS configuration stanzas from interface configurations that are at risk.\nNo other viable workarounds exist for this issue."
}
]
}
}

170
2018/0xxx/CVE-2018-0004.json
View File

@ -1,145 +1,145 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0004",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Kernel Denial of Service Vulnerability"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0004",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: Kernel Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "12.1X46",
"version_value": "12.1X46-D50"
"affected" : "<",
"version_name" : "12.1X46",
"version_value" : "12.1X46-D50"
},
{
"affected": "<",
"version_name": "12.3X48",
"version_value": "12.3X48-D30"
"affected" : "<",
"version_name" : "12.3X48",
"version_value" : "12.3X48-D30"
},
{
"affected": "<",
"version_name": "12.3R",
"version_value": "12.3R12-S7"
"affected" : "<",
"version_name" : "12.3R",
"version_value" : "12.3R12-S7"
},
{
"affected": "<",
"version_name": "14.1",
"version_value": "14.1R8-S4, 14.1R9"
"affected" : "<",
"version_name" : "14.1",
"version_value" : "14.1R8-S4, 14.1R9"
},
{
"affected": "<",
"version_name": "14.1X53",
"version_value": "14.1X53-D30, 14.1X53-D34"
"affected" : "<",
"version_name" : "14.1X53",
"version_value" : "14.1X53-D30, 14.1X53-D34"
},
{
"affected": "<",
"version_name": "14.2",
"version_value": "14.2R8"
"affected" : "<",
"version_name" : "14.2",
"version_value" : "14.2R8"
},
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1F6, 15.1R3"
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1F6, 15.1R3"
},
{
"affected": "<",
"version_name": "15.1X49",
"version_value": "15.1X49-D40"
"affected" : "<",
"version_name" : "15.1X49",
"version_value" : "15.1X49-D40"
},
{
"affected": "<",
"version_name": "15.1X53",
"version_value": "15.1X53-D31, 15.1X53-D33, 15.1X53-D60"
"affected" : "<",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D31, 15.1X53-D33, 15.1X53-D60"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more threads and conversely one or more running processes running on the system. Once this occurs, the high CPU event(s) affects either or both the forwarding and control plane. As a result of this condition the device can become inaccessible in either or both the control and forwarding plane and stops forwarding traffic until the device is rebooted. The issue will reoccur after reboot upon receiving further transit traffic. Score: 5.7 MEDIUM (CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) For network designs utilizing layer 3 forwarding agents or other ARP through layer 3 technologies, the score is slightly higher. Score: 6.5 MEDIUM (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n\nIf the following entry exists in the RE message logs then this may indicate the issue is present. This entry may or may not appear when this issue occurs.\n\n /kernel: Expensive timeout(9) function: \n\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions prior to 12.1X46-D50;\n12.3X48 versions prior to 12.3X48-D30;\n12.3R versions prior to 12.3R12-S7;\n14.1 versions prior to 14.1R8-S4, 14.1R9;\n14.1X53 versions prior to 14.1X53-D30, 14.1X53-D34;\n14.2 versions prior to 14.2R8;\n15.1 versions prior to 15.1F6, 15.1R3;\n15.1X49 versions prior to 15.1X49-D40;\n15.1X53 versions prior to 15.1X53-D31, 15.1X53-D33, 15.1X53-D60.\nNo other Juniper Networks products or platforms are affected by this issue."
"lang" : "eng",
"value" : "A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more threads and conversely one or more running processes running on the system. Once this occurs, the high CPU event(s) affects either or both the forwarding and control plane. As a result of this condition the device can become inaccessible in either or both the control and forwarding plane and stops forwarding traffic until the device is rebooted. The issue will reoccur after reboot upon receiving further transit traffic. Score: 5.7 MEDIUM (CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) For network designs utilizing layer 3 forwarding agents or other ARP through layer 3 technologies, the score is slightly higher. Score: 6.5 MEDIUM (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) If the following entry exists in the RE message logs then this may indicate the issue is present. This entry may or may not appear when this issue occurs. /kernel: Expensive timeout(9) function: Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D50; 12.3X48 versions prior to 12.3X48-D30; 12.3R versions prior to 12.3R12-S7; 14.1 versions prior to 14.1R8-S4, 14.1R9; 14.1X53 versions prior to 14.1X53-D30, 14.1X53-D34; 14.2 versions prior to 14.2R8; 15.1 versions prior to 15.1F6, 15.1R3; 15.1X49 versions prior to 15.1X49-D40; 15.1X53 versions prior to 15.1X53-D31, 15.1X53-D33, 15.1X53-D60. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "High CPU consumption\nDistributed Denial of Service"
"lang" : "eng",
"value" : "High CPU consumption\nDistributed Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10832"
"url" : "https://kb.juniper.net/JSA10832"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D50, 12.3R12-S7, 12.3X48-D30, 14.1R8-S4, 14.1R9, 14.1X53-D30, 14.1X53-D34, 14.2R8, 15.1F6, 15.1R3, 15.1X49-D40, 15.1X53-D31, 15.1X53-D33, 15.1X53-D60, 16.1R1, and all subsequent releases.\n"
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D50, 12.3R12-S7, 12.3X48-D30, 14.1R8-S4, 14.1R9, 14.1X53-D30, 14.1X53-D34, 14.2R8, 15.1F6, 15.1R3, 15.1X49-D40, 15.1X53-D31, 15.1X53-D33, 15.1X53-D60, 16.1R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10832",
"defect": [
"source" : {
"advisory" : "JSA10832",
"defect" : [
"1145306"
],
"discovery": "USER"
"discovery" : "USER"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue.\n"
"lang" : "eng",
"value" : "There are no viable workarounds for this issue.\n"
}
]
}
}

134
2018/0xxx/CVE-2018-0005.json
View File

@ -1,115 +1,115 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0005",
"STATE": "PUBLIC",
"TITLE": "Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic."
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0005",
"STATE" : "PUBLIC",
"TITLE" : "Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic."
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "14.1X53",
"version_value": "14.1X53-D40"
"affected" : "<",
"version_name" : "14.1X53",
"version_value" : "14.1X53-D40"
},
{
"affected": "<",
"version_name": "15.1X53",
"version_value": "15.1X53-D55"
"affected" : "<",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D55"
},
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1R7"
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1R7"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions.\nAffected releases are Juniper Networks Junos OS:\n14.1X53 versions prior to 14.1X53-D40;\n15.1X53 versions prior to 15.1X53-D55;\n15.1 versions prior to 15.1R7.\n"
"lang" : "eng",
"value" : "QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.4,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "QFX and EX Series switches may forward traffic instead of dropping traffic which can lead to denials of services or other unintended conditions."
"lang" : "eng",
"value" : "QFX and EX Series switches may forward traffic instead of dropping traffic which can lead to denials of services or other unintended conditions."
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10833"
"url" : "https://kb.juniper.net/JSA10833"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 14.1X53-D40, 15.1X53-D55, 15.1X53-D60, 16.1R1, and all subsequent releases.\n"
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 14.1X53-D40, 15.1X53-D55, 15.1X53-D60, 16.1R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10833",
"defect": [
"source" : {
"advisory" : "JSA10833",
"defect" : [
"1105372"
],
"discovery": "INTERNAL"
"discovery" : "INTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "To decrease the risk of seeing the issue, increase the MAC move limit rate on the device, or to work around the issue until a fix can be taken, remove the MAC move limit from the devices running configuration. These actions may introduce other possible unintended consequences to customer environments and should be evaluated carefully on a case-by-case basis and are not complete mitigations.\n"
"lang" : "eng",
"value" : "To decrease the risk of seeing the issue, increase the MAC move limit rate on the device, or to work around the issue until a fix can be taken, remove the MAC move limit from the devices running configuration. These actions may introduce other possible unintended consequences to customer environments and should be evaluated carefully on a case-by-case basis and are not complete mitigations.\n"
}
]
}
}

146
2018/0xxx/CVE-2018-0006.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0006",
"STATE": "PUBLIC",
"TITLE": "Junos OS: bbe-smgd process denial of service while processing VLAN authentication requests/rejects"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0006",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: bbe-smgd process denial of service while processing VLAN authentication requests/rejects"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1R6-S2, 15.1R7"
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1R6-S2, 15.1R7"
},
{
"affected": "<",
"version_name": "16.1",
"version_value": "16.1R5-S1, 16.1R6"
"affected" : "<",
"version_name" : "16.1",
"version_value" : "16.1R5-S1, 16.1R6"
},
{
"affected": "<",
"version_name": "16.2",
"version_value": "16.2R2-S2, 16.2R3"
"affected" : "<",
"version_name" : "16.2",
"version_value" : "16.2R2-S2, 16.2R3"
},
{
"affected": "<",
"version_name": "17.1",
"version_value": "17.1R2-S5, 17.1R3"
"affected" : "<",
"version_name" : "17.1",
"version_value" : "17.1R2-S5, 17.1R3"
},
{
"affected": "<",
"version_name": "17.2",
"version_value": "17.2R2"
"affected" : "<",
"version_name" : "17.2",
"version_value" : "17.2R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number of pending VLAN authentication requests, leading to excessive memory allocation.\n\nThis issue only affects devices configured for DHCPv4/v6 over AE auto-sensed VLANs, utilized in Broadband Edge (BBE) deployments. Other configurations are unaffected by this issue.\n\nAffected releases are Juniper Networks Junos OS:\n15.1 versions prior to 15.1R6-S2, 15.1R7;\n16.1 versions prior to 16.1R5-S1, 16.1R6;\n16.2 versions prior to 16.2R2-S2, 16.2R3;\n17.1 versions prior to 17.1R2-S5, 17.1R3;\n17.2 versions prior to 17.2R2."
"lang" : "eng",
"value" : "A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number of pending VLAN authentication requests, leading to excessive memory allocation. This issue only affects devices configured for DHCPv4/v6 over AE auto-sensed VLANs, utilized in Broadband Edge (BBE) deployments. Other configurations are unaffected by this issue. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R6-S2, 15.1R7; 16.1 versions prior to 16.1R5-S1, 16.1R6; 16.2 versions prior to 16.2R2-S2, 16.2R3; 17.1 versions prior to 17.1R2-S5, 17.1R3; 17.2 versions prior to 17.2R2."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Denial of service"
"lang" : "eng",
"value" : "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10834"
"url" : "https://kb.juniper.net/JSA10834"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 15.1R6-S2, 15.1R7, 16.1R5-S1, 16.1R6, 16.2R2-S2, 16.2R3, 17.1R2-S5*, 17.1R3*, 17.2R2, 17.3R1, 17.4R1, and all subsequent releases. \n\n*pending release"
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 15.1R6-S2, 15.1R7, 16.1R5-S1, 16.1R6, 16.2R2-S2, 16.2R3, 17.1R2-S5*, 17.1R3*, 17.2R2, 17.3R1, 17.4R1, and all subsequent releases. \n\n*pending release"
}
],
"source": {
"advisory": "JSA10834",
"defect": [
"source" : {
"advisory" : "JSA10834",
"defect" : [
"1284213",
"1268129"
],
"discovery": "USER"
"discovery" : "USER"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "Since this issue is specific to auto-sense or dynamic VLANs, utilizing a static VLAN model will mitigate this issue."
"lang" : "eng",
"value" : "Since this issue is specific to auto-sense or dynamic VLANs, utilizing a static VLAN model will mitigate this issue."
}
]
}
}

200
2018/0xxx/CVE-2018-0007.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0007",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Malicious LLDP crafted packet leads to privilege escalation, denial of service."
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0007",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: Malicious LLDP crafted packet leads to privilege escalation, denial of service."
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "12.1X46",
"version_value": "12.1X46-D71"
"affected" : "<",
"version_name" : "12.1X46",
"version_value" : "12.1X46-D71"
},
{
"affected": "<",
"version_name": "12.3",
"version_value": "12.3R12-S7"
"affected" : "<",
"version_name" : "12.3",
"version_value" : "12.3R12-S7"
},
{
"affected": "<",
"version_name": "12.3X48",
"version_value": "12.3X48-D55"
"affected" : "<",
"version_name" : "12.3X48",
"version_value" : "12.3X48-D55"
},
{
"affected": "<",
"version_name": "14.1",
"version_value": "14.1R8-S5, 14.1R9"
"affected" : "<",
"version_name" : "14.1",
"version_value" : "14.1R8-S5, 14.1R9"
},
{
"affected": "<",
"version_name": "14.1X53",
"version_value": "14.1X53-D46, 14.1X53-D50, 14.1X53-D107"
"affected" : "<",
"version_name" : "14.1X53",
"version_value" : "14.1X53-D46, 14.1X53-D50, 14.1X53-D107"
},
{
"affected": "<",
"version_name": "14.2",
"version_value": "14.2R7-S9, 14.2R8"
"affected" : "<",
"version_name" : "14.2",
"version_value" : "14.2R7-S9, 14.2R8"
},
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7"
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7"
},
{
"affected": "<",
"version_name": "15.1X49",
"version_value": "15.1X49-D90"
"affected" : "<",
"version_name" : "15.1X49",
"version_value" : "15.1X49-D90"
},
{
"affected": "<",
"version_name": "15.1X53",
"version_value": "15.1X53-D65"
"affected" : "<",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D65"
},
{
"affected": "<",
"version_name": "16.1",
"version_value": "16.1R4-S6, 16.1R5"
"affected" : "<",
"version_name" : "16.1",
"version_value" : "16.1R4-S6, 16.1R5"
},
{
"affected": "<",
"version_name": "16.1X65",
"version_value": "16.1X65-D45"
"affected" : "<",
"version_name" : "16.1X65",
"version_value" : "16.1X65-D45"
},
{
"affected": "<",
"version_name": "16.2",
"version_value": "16.2R2"
"affected" : "<",
"version_name" : "16.2",
"version_value" : "16.2R2"
},
{
"affected": "<",
"version_name": "17.1",
"version_value": "17.1R2"
"affected" : "<",
"version_name" : "17.1",
"version_value" : "17.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "UK's National Cyber Security Centre (NCSC)"
"lang" : "eng",
"value" : "UK's National Cyber Security Centre (NCSC)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. Further crafted packets may be able to sustain the denial of service condition. Score: 6.5 MEDIUM (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\nFurther, if the attacker is authenticated on the target device receiving and processing the malicious LLDP packet, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over the target device thereby elevating their permissions and privileges, and taking control of the device. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n\nAn unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to one or more local segments, via LLDP proxy / tunneling agents or other LLDP through Layer 3 deployments, through one or more local segment broadcasts, may be able to cause multiple Junos devices to enter an improper boundary check condition allowing a memory corruption to occur, leading to multiple distributed Denials of Services. These Denials of Services attacks may have cascading Denials of Services to adjacent connected devices, impacts network devices, servers, workstations, etc. Further crafted packets may be able to sustain these Denials of Services conditions. Score 6.8 MEDIUM (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\nFurther, if the attacker is authenticated on one or more target devices receiving and processing these malicious LLDP packets, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over multiple target devices thereby elevating their permissions and privileges, and taking control multiple devices. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\n\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions prior to 12.1X46-D71;\n12.3 versions prior to 12.3R12-S7;\n12.3X48 versions prior to 12.3X48-D55;\n14.1 versions prior to 14.1R8-S5, 14.1R9;\n14.1X53 versions prior to 14.1X53-D46, 14.1X53-D50, 14.1X53-D107;\n14.2 versions prior to 14.2R7-S9, 14.2R8;\n15.1 versions prior to 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7;\n15.1X49 versions prior to 15.1X49-D90;\n15.1X53 versions prior to 15.1X53-D65;\n16.1 versions prior to 16.1R4-S6, 16.1R5;\n16.1X65 versions prior to 16.1X65-D45;\n16.2 versions prior to 16.2R2;\n17.1 versions prior to 17.1R2.\nNo other Juniper Networks products or platforms are affected by this issue."
"lang" : "eng",
"value" : "An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. Further crafted packets may be able to sustain the denial of service condition. Score: 6.5 MEDIUM (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Further, if the attacker is authenticated on the target device receiving and processing the malicious LLDP packet, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over the target device thereby elevating their permissions and privileges, and taking control of the device. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to one or more local segments, via LLDP proxy / tunneling agents or other LLDP through Layer 3 deployments, through one or more local segment broadcasts, may be able to cause multiple Junos devices to enter an improper boundary check condition allowing a memory corruption to occur, leading to multiple distributed Denials of Services. These Denials of Services attacks may have cascading Denials of Services to adjacent connected devices, impacts network devices, servers, workstations, etc. Further crafted packets may be able to sustain these Denials of Services conditions. Score 6.8 MEDIUM (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H) Further, if the attacker is authenticated on one or more target devices receiving and processing these malicious LLDP packets, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over multiple target devices thereby elevating their permissions and privileges, and taking control multiple devices. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71; 12.3 versions prior to 12.3R12-S7; 12.3X48 versions prior to 12.3X48-D55; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D46, 14.1X53-D50, 14.1X53-D107; 14.2 versions prior to 14.2R7-S9, 14.2R8; 15.1 versions prior to 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7; 15.1X49 versions prior to 15.1X49-D90; 15.1X53 versions prior to 15.1X53-D65; 16.1 versions prior to 16.1R4-S6, 16.1R5; 16.1X65 versions prior to 16.1X65-D45; 16.2 versions prior to 16.2R2; 17.1 versions prior to 17.1R2. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "privilege escalation\ndenial of service\ncommand execution"
"lang" : "eng",
"value" : "privilege escalation\ndenial of service\ncommand execution"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10830"
"url" : "https://kb.juniper.net/JSA10830"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3X48-D55, 12.3R12-S7, 12.3X48-D55, 14.1R8-S5, 14.1R9, 14.1X53-D46, 14.1X53-D50, 14.2R7-S9, 14.2R8, 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R7, 15.1X49-D90, 15.1X53-D65, 16.1R4-S6, 16.1R5, 16.1X65-D45, 16.2R2, 17.1R2, 17.2R1, and all subsequent releases.\n\nKB16765 - \"In which releases are vulnerabilities fixed?\" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies."
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3X48-D55, 12.3R12-S7, 12.3X48-D55, 14.1R8-S5, 14.1R9, 14.1X53-D46, 14.1X53-D50, 14.2R7-S9, 14.2R8, 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R7, 15.1X49-D90, 15.1X53-D65, 16.1R4-S6, 16.1R5, 16.1X65-D45, 16.2R2, 17.1R2, 17.2R1, and all subsequent releases.\n\nKB16765 - \"In which releases are vulnerabilities fixed?\" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies."
}
],
"source": {
"advisory": "JSA10830",
"defect": [
"source" : {
"advisory" : "JSA10830",
"defect" : [
"1252823"
],
"discovery": "EXTERNAL"
"discovery" : "EXTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "No viable workarounds exist other than to implement IDP or other filters for the LLDP packet itself from reaching LLDP proxy agents, or devices receiving and processing LLDP packets.\n\nIt is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device via all means to only trusted, administrative networks, hosts and users.\n"
"lang" : "eng",
"value" : "No viable workarounds exist other than to implement IDP or other filters for the LLDP packet itself from reaching LLDP proxy agents, or devices receiving and processing LLDP packets.\n\nIt is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device via all means to only trusted, administrative networks, hosts and users.\n"
}
]
}
}

196
2018/0xxx/CVE-2018-0008.json
View File

@ -1,162 +1,162 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0008",
"STATE": "PUBLIC",
"TITLE": "Junos OS: commit script may allow unauthenticated root login upon reboot"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0008",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: commit script may allow unauthenticated root login upon reboot"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"platform": "SRX",
"version_name": "12.1X46",
"version_value": "12.1X46-D71"
"affected" : "<",
"platform" : "SRX",
"version_name" : "12.1X46",
"version_value" : "12.1X46-D71"
},
{
"affected": "<",
"platform": "SRX",
"version_name": "12.3X48",
"version_value": "12.3X48-D55"
"affected" : "<",
"platform" : "SRX",
"version_name" : "12.3X48",
"version_value" : "12.3X48-D55"
},
{
"affected": "<",
"version_name": "14.1",
"version_value": "14.1R9"
"affected" : "<",
"version_name" : "14.1",
"version_value" : "14.1R9"
},
{
"affected": "<",
"platform": "QFX, EX",
"version_name": "14.1X53",
"version_value": "14.1X53-D40"
"affected" : "<",
"platform" : "QFX, EX",
"version_name" : "14.1X53",
"version_value" : "14.1X53-D40"
},
{
"affected": "<",
"version_name": "14.2",
"version_value": "14.2R7-S9, 14.2R8"
"affected" : "<",
"version_name" : "14.2",
"version_value" : "14.2R7-S9, 14.2R8"
},
{
"affected": "<",
"version_name": "15.1",
"version_value": "15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6"
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6"
},
{
"affected": "<",
"platform": "SRX",
"version_name": "15.1X49",
"version_value": "15.1X49-D110 "
"affected" : "<",
"platform" : "SRX",
"version_name" : "15.1X49",
"version_value" : "15.1X49-D110 "
},
{
"affected": "<",
"platform": "QFX5200/5110",
"version_name": "15.1X53",
"version_value": "15.1X53-D232"
"affected" : "<",
"platform" : "QFX5200/5110",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D232"
},
{
"affected": "<",
"platform": "NFX",
"version_name": "15.1X53",
"version_value": "15.1X53-D49, 15.1X53-D470"
"affected" : "<",
"platform" : "NFX",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D49, 15.1X53-D470"
},
{
"affected": "<",
"platform": "QFX10K",
"version_name": "15.1X53",
"version_value": "15.1X53-D65"
"affected" : "<",
"platform" : "QFX10K",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D65"
},
{
"affected": "<",
"version_name": "16.1",
"version_value": "16.1R2"
"affected" : "<",
"version_name" : "16.1",
"version_value" : "16.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a problem during normal commit may cause unexpected behavior upon reboot which can leave the system in a state where root CLI login is allowed without a password due to the system reverting to a \"safe mode\" authentication state. Lastly, only logging in physically to the console port as root, with no password, will work.\n\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions prior to 12.1X46-D71 on SRX;\n12.3X48 versions prior to 12.3X48-D55 on SRX;\n14.1 versions prior to 14.1R9;\n14.1X53 versions prior to 14.1X53-D40 on QFX, EX;\n14.2 versions prior to 14.2R7-S9, 14.2R8;\n15.1 versions prior to 15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6;\n15.1X49 versions prior to 15.1X49-D110 on SRX;\n15.1X53 versions prior to 15.1X53-D232 on QFX5200/5110;\n15.1X53 versions prior to 15.1X53-D49, 15.1X53-D470 on NFX;\n15.1X53 versions prior to 15.1X53-D65 on QFX10K;\n16.1 versions prior to 16.1R2.\nNo other Juniper Networks products or platforms are affected by this issue."
"lang" : "eng",
"value" : "An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a problem during normal commit may cause unexpected behavior upon reboot which can leave the system in a state where root CLI login is allowed without a password due to the system reverting to a \"safe mode\" authentication state. Lastly, only logging in physically to the console port as root, with no password, will work. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX; 12.3X48 versions prior to 12.3X48-D55 on SRX; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D40 on QFX, EX; 14.2 versions prior to 14.2R7-S9, 14.2R8; 15.1 versions prior to 15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6; 15.1X49 versions prior to 15.1X49-D110 on SRX; 15.1X53 versions prior to 15.1X53-D232 on QFX5200/5110; 15.1X53 versions prior to 15.1X53-D49, 15.1X53-D470 on NFX; 15.1X53 versions prior to 15.1X53-D65 on QFX10K; 16.1 versions prior to 16.1R2. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "PHYSICAL",
"availabilityImpact" : "HIGH",
"baseScore" : 6.2,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "HIGH",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "unauthenticated root access"
"lang" : "eng",
"value" : "unauthenticated root access"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10835"
"url" : "https://kb.juniper.net/JSA10835"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3X48-D55, 14.1R9, 14.1X53-D40, 14.2R7-S9, 14.2R8, 15.1F5-S7, 15.1R5-S6, 15.1R6, 15.1X49-D110, 15.1X53-D232, 15.1X53-D65, 16.1R2, 16.2R1 and all subsequent releases.\n"
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3X48-D55, 14.1R9, 14.1X53-D40, 14.2R7-S9, 14.2R8, 15.1F5-S7, 15.1R5-S6, 15.1R6, 15.1X49-D110, 15.1X53-D232, 15.1X53-D65, 16.1R2, 16.2R1 and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10835",
"defect": [
"source" : {
"advisory" : "JSA10835",
"defect" : [
"1179601"
],
"discovery": "USER"
"discovery" : "USER"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "While there is no published workaround for this issue, customer can verify whether their commit script contains the affected configuration by rebooting the device. Please contact JTAC if after the reboot the device enters a state where root CLI login is allowed without a password."
"lang" : "eng",
"value" : "While there is no published workaround for this issue, customer can verify whether their commit script contains the affected configuration by rebooting the device. Please contact JTAC if after the reboot the device enters a state where root CLI login is allowed without a password."
}
]
}
}

146
2018/0xxx/CVE-2018-0009.json
View File

@ -1,124 +1,124 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0009",
"STATE": "PUBLIC",
"TITLE": "SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured."
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0009",
"STATE" : "PUBLIC",
"TITLE" : "SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured."
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos OS",
"version": {
"version_data": [
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected": "<",
"platform": "SRX series",
"version_name": "12.1X46",
"version_value": "12.1X46-D71"
"affected" : "<",
"platform" : "SRX series",
"version_name" : "12.1X46",
"version_value" : "12.1X46-D71"
},
{
"affected": "<",
"platform": "SRX series",
"version_name": "12.3X48",
"version_value": "12.3X48-D55"
"affected" : "<",
"platform" : "SRX series",
"version_name" : "12.3X48",
"version_value" : "12.3X48-D55"
},
{
"affected": "<",
"platform": "SRX series",
"version_name": "15.1X49",
"version_value": "15.1X49-D100"
"affected" : "<",
"platform" : "SRX series",
"version_name" : "15.1X49",
"version_value" : "15.1X49-D100"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"configuration": [
"configuration" : [
{
"lang": "eng",
"value": "This issue is only applicable to SRX series devices with a custom application configuration containing UUIDs that start with one or more zeros.\nFor example:\n set applications application <application-name> uuid 01234567-1234-1234-1234-123456789abc\nor \n set applications application <application-name> term <term-name> uuid 01234567-1234-1234-1234-123456789abc"
"lang" : "eng",
"value" : "This issue is only applicable to SRX series devices with a custom application configuration containing UUIDs that start with one or more zeros.\nFor example:\n set applications application <application-name> uuid 01234567-1234-1234-1234-123456789abc\nor \n set applications application <application-name> term <term-name> uuid 01234567-1234-1234-1234-123456789abc"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass condition.\nAffected releases are Juniper Networks Junos OS:\n12.1X46 versions prior to 12.1X46-D71 on SRX series;\n12.3X48 versions prior to 12.3X48-D55 on SRX series;\n15.1X49 versions prior to 15.1X49-D100 on SRX series."
"lang" : "eng",
"value" : "On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX series; 12.3X48 versions prior to 12.3X48-D55 on SRX series; 15.1X49 versions prior to 15.1X49-D100 on SRX series."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"privilegesRequired" : "NONE",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Firewall bypass vulnerability"
"lang" : "eng",
"value" : "Firewall bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10836"
"url" : "https://kb.juniper.net/JSA10836"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3X48-D55, 15.1X49-D100, 17.3R1, and all subsequent releases."
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D71, 12.3X48-D55, 15.1X49-D100, 17.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10836",
"defect": [
"source" : {
"advisory" : "JSA10836",
"defect" : [
"1261522"
],
"discovery": "USER"
"discovery" : "USER"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "Do not use UUIDs starting with zeros in the configuration."
"lang" : "eng",
"value" : "Do not use UUIDs starting with zeros in the configuration."
}
]
}
}

116
2018/0xxx/CVE-2018-0010.json
View File

@ -1,99 +1,99 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0010",
"STATE": "PUBLIC",
"TITLE": "Security Director: Reusable SSH URL authentication token."
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0010",
"STATE" : "PUBLIC",
"TITLE" : "Security Director: Reusable SSH URL authentication token."
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Security Director",
"version": {
"version_data": [
"product_name" : "Security Director",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "all",
"version_value": "17.2R1"
"affected" : "<",
"version_name" : "all",
"version_value" : "17.2R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access.\nAffected releases are all versions of Junos Space Security Director prior to 17.2R1."
"lang" : "eng",
"value" : "A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director prior to 17.2R1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 6.4,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "reuseable authentication"
"lang" : "eng",
"value" : "reuseable authentication"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10840"
"url" : "https://kb.juniper.net/JSA10840"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos Space Security Director 17.2R1, and all subsequent releases."
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: Junos Space Security Director 17.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10840",
"defect": [
"source" : {
"advisory" : "JSA10840",
"defect" : [
"1290124"
],
"discovery": "INTERNAL"
"discovery" : "INTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
"lang" : "eng",
"value" : "There are no viable workarounds for this issue."
}
]
}
}

122
2018/0xxx/CVE-2018-0011.json
View File

@ -1,105 +1,105 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0011",
"STATE": "PUBLIC",
"TITLE": "Junos Space: Reflected XSS vulnerability in Junos Space management interface"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0011",
"STATE" : "PUBLIC",
"TITLE" : "Junos Space: Reflected XSS vulnerability in Junos Space management interface"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos Space",
"version": {
"version_data": [
"product_name" : "Junos Space",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "All",
"version_value": "17.2R1"
"affected" : "<",
"version_name" : "All",
"version_value" : "17.2R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device."
"lang" : "eng",
"value" : "A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "XSS vulnerability"
"lang" : "eng",
"value" : "XSS vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10838"
"url" : "https://kb.juniper.net/JSA10838"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos Space 17.2R1 and all subsequent releases."
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: Junos Space 17.2R1 and all subsequent releases."
}
],
"source": {
"advisory": "JSA10838",
"defect": [
"source" : {
"advisory" : "JSA10838",
"defect" : [
"1322467"
],
"discovery": "INTERNAL"
"discovery" : "INTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators."
"lang" : "eng",
"value" : "Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators."
}
]
}
}

122
2018/0xxx/CVE-2018-0012.json
View File

@ -1,105 +1,105 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0012",
"STATE": "PUBLIC",
"TITLE": "Junos Space: Local privilege escalation vulnerability in Junos Space"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0012",
"STATE" : "PUBLIC",
"TITLE" : "Junos Space: Local privilege escalation vulnerability in Junos Space"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos Space",
"version": {
"version_data": [
"product_name" : "Junos Space",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "All",
"version_value": "17.2R1"
"affected" : "<",
"version_name" : "All",
"version_value" : "17.2R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges."
"lang" : "eng",
"value" : "Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Privilege escalation"
"lang" : "eng",
"value" : "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10838"
"url" : "https://kb.juniper.net/JSA10838"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos Space 17.2R1 and all subsequent releases."
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: Junos Space 17.2R1 and all subsequent releases."
}
],
"source": {
"advisory": "JSA10838",
"defect": [
"source" : {
"advisory" : "JSA10838",
"defect" : [
"1296620"
],
"discovery": "INTERNAL"
"discovery" : "INTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators."
"lang" : "eng",
"value" : "Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators."
}
]
}
}

122
2018/0xxx/CVE-2018-0013.json
View File

@ -1,105 +1,105 @@
{
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0013",
"STATE": "PUBLIC",
"TITLE": "Junos Space: Local File Inclusion Vulnerability"
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0013",
"STATE" : "PUBLIC",
"TITLE" : "Junos Space: Local File Inclusion Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Junos Space",
"version": {
"version_data": [
"product_name" : "Junos Space",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "all",
"version_value": "17.2R1"
"affected" : "<",
"version_name" : "all",
"version_value" : "17.2R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"credit": [
"credit" : [
{
"lang": "eng",
"value": "the team at cyberhouse.ge for responsibly reporting CVE-2018-0013. "
"lang" : "eng",
"value" : "the team at cyberhouse.ge for responsibly reporting CVE-2018-0013. "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system.\nThis issue was found by an external security researcher.\nJuniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Local File Inclusion"
"lang" : "eng",
"value" : "Local File Inclusion"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10838"
"url" : "https://kb.juniper.net/JSA10838"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos Space 17.2R1, and all subsequent releases."
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: Junos Space 17.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10838",
"defect": [
"source" : {
"advisory" : "JSA10838",
"defect" : [
"1304289"
],
"discovery": "EXTERNAL"
"discovery" : "EXTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
"lang" : "eng",
"value" : "There are no viable workarounds for this issue."
}
]
}
}

124
2018/0xxx/CVE-2018-0014.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta": {
"AKA": "Etherleak",
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-01-10T17:00:00.000Z",
"ID": "CVE-2018-0014",
"STATE": "PUBLIC",
"TITLE": "ScreenOS: Etherleak vulnerability found on ScreenOS device"
"CVE_data_meta" : {
"AKA" : "Etherleak",
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-01-10T17:00:00.000Z",
"ID" : "CVE-2018-0014",
"STATE" : "PUBLIC",
"TITLE" : "ScreenOS: Etherleak vulnerability found on ScreenOS device"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "ScreenOS",
"version": {
"version_data": [
"product_name" : "ScreenOS",
"version" : {
"version_data" : [
{
"affected": "<",
"version_name": "all",
"version_value": "6.3.0r25"
"affected" : "<",
"version_name" : "all",
"version_value" : "6.3.0r25"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001.\nThe issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25."
"lang" : "eng",
"value" : "Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25."
}
]
},
"exploit": [
"exploit" : [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "information leak"
"lang" : "eng",
"value" : "information leak"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://kb.juniper.net/JSA10841"
"url" : "https://kb.juniper.net/JSA10841"
}
]
},
"solution": [
"solution" : [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 6.3.0r25 and all subsequent releases."
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 6.3.0r25 and all subsequent releases."
}
],
"source": {
"advisory": "JSA10841",
"defect": [
"source" : {
"advisory" : "JSA10841",
"defect" : [
"1281648"
],
"discovery": "EXTERNAL"
"discovery" : "EXTERNAL"
},
"work_around": [
"work_around" : [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
"lang" : "eng",
"value" : "There are no viable workarounds for this issue."
}
]
}
}