admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-15 09:01:17 +00:00
parent f7172e3ce9
commit 8a71b1a0fd
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2020/1xxx/CVE-2020-1600.json
View File

@ -124,7 +124,7 @@
"description_data": [
{
"lang": "eng",
"value": "In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition.\n\nThis issue affects both SNMP over IPv4 and IPv6. \n\nThis issue affects:\nJuniper Networks Junos OS:\n12.3X48 versions prior to 12.3X48-D90;\n15.1 versions prior to 15.1R7-S6;\n15.1X49 versions prior to 15.1X49-D200;\n15.1X53 versions prior to 15.1X53-D238, 15.1X53-D592; \n16.1 versions prior to 16.1R7-S5;\n16.2 versions prior to 16.2R2-S11;\n17.1 versions prior to 17.1R3-S1;\n17.2 versions prior to 17.2R3-S2;\n17.3 versions prior to 17.3R3-S7;\n17.4 versions prior to 17.4R2-S4, 17.4R3;\n18.1 versions prior to 18.1R3-S5;\n18.2 versions prior to 18.2R3;\n18.2X75 versions prior to 18.2X75-D50;\n18.3 versions prior to 18.3R2;\n18.4 versions prior to 18.4R2;\n19.1 versions prior to 19.1R2.\n"
"value": "In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. This issue affects both SNMP over IPv4 and IPv6. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D90; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D592; 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R3-S5; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2."
}
]
},

2
2020/1xxx/CVE-2020-1601.json
View File

@ -115,7 +115,7 @@
"description_data": [
{
"lang": "eng",
"value": "Certain types of malformed Path Computation Element Protocol (PCEP) packets when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Client (PCC) in a PCEP environment using Juniper's path computational element protocol daemon (pccd) process allows an attacker to cause the pccd process to crash and generate a core file thereby causing a Denial of Service (DoS).\n\nContinued receipt of this family of malformed PCEP packets will cause an extended Denial of Service (DoS) condition.\nThis issue affects:\nJuniper Networks Junos OS:\n15.1 versions prior to 15.1F6-S13, 15.1R7-S4;\n15.1X49 versions prior to 15.1X49-D180 on SRX Series;\n15.1X53 versions prior to 15.1X53-D238, 15.1X53-D496, 15.1X53-D592; \n16.1 versions prior to 16.1R7-S4;\n16.2 versions prior to 16.2R2-S9;\n17.1 versions prior to 17.1R2-S11, 17.1R3;\n17.2 versions prior to 17.2R1-S9;\n17.2 version 17.2R2 and later prior to 17.2R3-S2;\n17.3 versions prior to 17.3R3-S3;\n17.4 versions prior to 17.4R2-S2, 17.4R3;\n18.1 versions prior to 18.1R3-S2;\n18.2 versions prior to 18.2R2-S6, 18.2R3;\n18.2X75 versions prior to 18.2X75-D40;\n18.3 versions prior to 18.3R2;\n18.4 versions prior to 18.4R1-S2, 18.4R2.\n\nThis issue does not affect releases of Junos OS prior to 15.1R1. \n"
"value": "Certain types of malformed Path Computation Element Protocol (PCEP) packets when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Client (PCC) in a PCEP environment using Juniper's path computational element protocol daemon (pccd) process allows an attacker to cause the pccd process to crash and generate a core file thereby causing a Denial of Service (DoS). Continued receipt of this family of malformed PCEP packets will cause an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S13, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D496, 15.1X53-D592; 16.1 versions prior to 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R2-S11, 17.1R3; 17.2 versions prior to 17.2R1-S9; 17.2 version 17.2R2 and later prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R3-S2; 18.2 versions prior to 18.2R2-S6, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect releases of Junos OS prior to 15.1R1."
}
]
},

2
2020/1xxx/CVE-2020-1602.json
View File

@ -142,7 +142,7 @@
"description_data": [
{
"lang": "eng",
"value": "When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process. \n\nThis issue affect IPv4 JDHCPD services. \n\nThis issue affects:\nJuniper Networks Junos OS:\n15.1 versions prior to 15.1R7-S6;\n15.1X49 versions prior to 15.1X49-D200;\n15.1X53 versions prior to 15.1X53-D592;\n16.1 versions prior to 16.1R7-S6;\n16.2 versions prior to 16.2R2-S11;\n17.1 versions prior to 17.1R2-S11, 17.1R3-S1;\n17.2 versions prior to 17.2R2-S8, 17.2R3-S3;\n17.3 versions prior to 17.3R3-S6;\n17.4 versions prior to 17.4R2-S7, 17.4R3;\n18.1 versions prior to 18.1R3-S8;\n18.2 versions prior to 18.2R3-S2;\n18.2X75 versions prior to 18.2X75-D60;\n18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3;\n18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3;\n19.1 versions prior to 19.1R1-S3, 19.1R2;\n19.2 versions prior to 19.2R1-S3, 19.2R2*.\n \nand\n\nAll versions prior to 19.3R1 on Junos OS Evolved.\n\nThis issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode.\n"
"value": "When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process. This issue affect IPv4 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode."
}
]
},

2
2020/1xxx/CVE-2020-1603.json
View File

@ -109,7 +109,7 @@
"description_data": [
{
"lang": "eng",
"value": "Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE. Instead, the RE allows these specific IPv6 packets to egress the RE, at which point a mbuf memory leak occurs within the Juniper Networks Junos OS device. This memory leak eventually leads to a kernel crash (vmcore), or the device hanging and requiring a power cycle to restore service, creating a Denial of Service (DoS) condition. \n\nDuring the time where mbufs are rising, yet not fully filled, some traffic from client devices may begin to be black holed. To be black holed, this traffic must match the condition where this traffic must be processed by the RE. \nContinued receipt and attempted egress of these specific IPv6 packets from the Routing Engine (RE) will create an extended Denial of Service (DoS) condition. \n\nScenarios which have been observed are: \n1. In a single chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario the device needs to be power cycled.\n2. In a single chassis, dual RE scenario, the device master RE will fail over to the backup RE. In this scenario, the master and the backup REs need to be reset from time to time when they vmcore. There is no need to power cycle the device.\n3. In a dual chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario, the two chassis' design relies upon some type of network level redundancy - VRRP, GRES, NSR, etc. - \n3.a In a commanded switchover, where nonstop active routing (NSR) is enabled no session loss is observed.\n4. In a dual chassis, dual chassis scenario, rely upon the RE to RE failover as stated in the second scenario. In the unlikely event that the device does not switch RE to RE gracefully, then the fallback position is to the network level services scenario in the third scenario.\n\n \n \n\n\n\n\n\nThis issue affects:\nJuniper Networks Junos OS\n16.1 versions prior to 16.1R7-S6;\n16.1 version 16.1X70-D10 and later; \n16.2 versions prior to 16.2R2-S11;\n17.1 versions prior to 17.1R2-S11, 17.1R3-S1;\n17.2 versions prior to 17.2R1-S9, 17.2R2-S8, 17.2R3-S3;\n17.3 versions prior to 17.3R3-S6;\n17.4 versions prior to 17.4R2-S9, 17.4R3;\n18.1 versions prior to 18.1R3-S7;\n18.2 versions prior to 18.2R3-S2;\n18.2X75 versions prior to 18.2X75-D50, 18.2X75-D410;\n18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3;\n18.4 versions prior to 18.4R1-S6, 18.4R2-S2, 18.4R3;\n19.1 versions prior to 19.1R1-S3, 19.1R2;\n19.2 versions prior to 19.2R1-S2, 19.2R2.\n\nThis issue does not affect releases prior to Junos OS 16.1R1.\n"
"value": "Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE. Instead, the RE allows these specific IPv6 packets to egress the RE, at which point a mbuf memory leak occurs within the Juniper Networks Junos OS device. This memory leak eventually leads to a kernel crash (vmcore), or the device hanging and requiring a power cycle to restore service, creating a Denial of Service (DoS) condition. During the time where mbufs are rising, yet not fully filled, some traffic from client devices may begin to be black holed. To be black holed, this traffic must match the condition where this traffic must be processed by the RE. Continued receipt and attempted egress of these specific IPv6 packets from the Routing Engine (RE) will create an extended Denial of Service (DoS) condition. Scenarios which have been observed are: 1. In a single chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario the device needs to be power cycled. 2. In a single chassis, dual RE scenario, the device master RE will fail over to the backup RE. In this scenario, the master and the backup REs need to be reset from time to time when they vmcore. There is no need to power cycle the device. 3. In a dual chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario, the two chassis' design relies upon some type of network level redundancy - VRRP, GRES, NSR, etc. - 3.a In a commanded switchover, where nonstop active routing (NSR) is enabled no session loss is observed. 4. In a dual chassis, dual chassis scenario, rely upon the RE to RE failover as stated in the second scenario. In the unlikely event that the device does not switch RE to RE gracefully, then the fallback position is to the network level services scenario in the third scenario. This issue affects: Juniper Networks Junos OS 16.1 versions prior to 16.1R7-S6; 16.1 version 16.1X70-D10 and later; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D50, 18.2X75-D410; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S6, 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect releases prior to Junos OS 16.1R1."
}
]
},

2
2020/1xxx/CVE-2020-1604.json
View File

@ -105,7 +105,7 @@
"description_data": [
{
"lang": "eng",
"value": "On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail.\n\nThis issue only affects firewall filter evaluation of certain packets destined to the device Routing Engine (RE).\nThis issue does not affect the Layer 2 firewall filter evaluation nor does it affect the Layer 3 firewall filter evaluation destined to connected hosts.\n\nThis issue may occur when evaluating both IPv4 or IPv6 packets.\nThis issue affects Juniper Networks Junos OS:\n14.1X53 versions prior to 14.1X53-D12 on QFX5100 Series and EX4600 Series;\n14.1X53 versions prior to 14.1X53-D52 on QFX3500 Series;\n14.1X53 versions prior to 14.1X53-D48 on EX4300 Series;\n15.1 versions prior to 15.1R7-S3 on EX4300 Series;\n16.1 versions prior to 16.1R7 on EX4300 Series;\n17.1 versions prior to 17.1R3 on EX4300 Series;\n17.2 versions prior to 17.2R3 on EX4300 Series;\n17.3 versions prior to 17.3R2-S5, 17.3R3 on EX4300 Series;\n17.4 versions prior to 17.4R2 on EX4300 Series;\n18.1 versions prior to 18.1R3 on EX4300 Series;\n18.2 versions prior to 18.2R2 on EX4300 Series."
"value": "On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. This issue only affects firewall filter evaluation of certain packets destined to the device Routing Engine (RE). This issue does not affect the Layer 2 firewall filter evaluation nor does it affect the Layer 3 firewall filter evaluation destined to connected hosts. This issue may occur when evaluating both IPv4 or IPv6 packets. This issue affects Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D12 on QFX5100 Series and EX4600 Series; 14.1X53 versions prior to 14.1X53-D52 on QFX3500 Series; 14.1X53 versions prior to 14.1X53-D48 on EX4300 Series; 15.1 versions prior to 15.1R7-S3 on EX4300 Series; 16.1 versions prior to 16.1R7 on EX4300 Series; 17.1 versions prior to 17.1R3 on EX4300 Series; 17.2 versions prior to 17.2R3 on EX4300 Series; 17.3 versions prior to 17.3R2-S5, 17.3R3 on EX4300 Series; 17.4 versions prior to 17.4R2 on EX4300 Series; 18.1 versions prior to 18.1R3 on EX4300 Series; 18.2 versions prior to 18.2R2 on EX4300 Series."
}
]
},

2
2020/1xxx/CVE-2020-1605.json
View File

@ -142,7 +142,7 @@
"description_data": [
{
"lang": "eng",
"value": "When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may then arbitrarily execute commands as root on the target device.\n\nThis issue affects IPv4 JDHCPD services. \n\nThis issue affects:\nJuniper Networks Junos OS:\n15.1 versions prior to 15.1R7-S6;\n15.1X49 versions prior to 15.1X49-D200;\n15.1X53 versions prior to 15.1X53-D592;\n16.1 versions prior to 16.1R7-S6;\n16.2 versions prior to 16.2R2-S11;\n17.1 versions prior to 17.1R2-S11, 17.1R3-S1;\n17.2 versions prior to 17.2R2-S8, 17.2R3-S3;\n17.3 versions prior to 17.3R3-S6;\n17.4 versions prior to 17.4R2-S7, 17.4R3;\n18.1 versions prior to 18.1R3-S8;\n18.2 versions prior to 18.2R3-S2;\n18.2X75 versions prior to 18.2X75-D60;\n18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3;\n18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3;\n19.1 versions prior to 19.1R1-S3, 19.1R2;\n19.2 versions prior to 19.2R1-S3, 19.2R2*.\n \nand\n\nAll versions prior to 19.3R1 on Junos OS Evolved.\n\nThis issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode.\n"
"value": "When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may then arbitrarily execute commands as root on the target device. This issue affects IPv4 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode."
}
]
},

2
2020/1xxx/CVE-2020-1606.json
View File

@ -144,7 +144,7 @@
"description_data": [
{
"lang": "eng",
"value": "A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission.\nThis issue does not affect system files that can be accessed only by root user.\n\nThis issue affects Juniper Networks Junos OS:\n12.3 versions prior to 12.3R12-S13;\n12.3X48 versions prior to 12.3X48-D85 on SRX Series;\n14.1X53 versions prior to 14.1X53-D51;\n15.1F6 versions prior to 15.1F6-S13;\n15.1 versions prior to 15.1R7-S5;\n15.1X49 versions prior to 15.1X49-D180 on SRX Series;\n15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series;\n16.1 versions prior to 16.1R4-S13, 16.1R7-S5;\n16.2 versions prior to 16.2R2-S10;\n17.1 versions prior to 17.1R3-S1;\n17.2 versions prior to 17.2R1-S9, 17.2R3-S2;\n17.3 versions prior to 17.3R2-S5, 17.3R3-S5;\n17.4 versions prior to 17.4R2-S9, 17.4R3;\n18.1 versions prior to 18.1R3-S8;\n18.2 versions prior to 18.2R3;\n18.3 versions prior to 18.3R2-S3, 18.3R3;\n18.4 versions prior to 18.4R2;\n19.1 versions prior to 19.1R1-S4, 19.1R2."
"value": "A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be accessed only by root user. This issue affects Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S4, 19.1R2."
}
]
},

2
2020/1xxx/CVE-2020-1607.json
View File

@ -150,7 +150,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. \n\n\nThis issue affects Juniper Networks Junos OS\n12.3 versions prior to 12.3R12-S15;\n12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series;\n14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series;\n15.1F6 versions prior to 15.1F6-S13;\n15.1 versions prior to 15.1R7-S5;\n15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series;\n15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series;\n15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400 Series;\n16.1 versions prior to 16.1R4-S13, 16.1R7-S5;\n16.2 versions prior to 16.2R2-S10;\n17.1 versions prior to 17.1R2-S11, 17.1R3-S1;\n17.2 versions prior to 17.2R1-S9, 17.2R3-S2;\n17.3 versions prior to 17.3R2-S5, 17.3R3-S5;\n17.4 versions prior to 17.4R2-S6, 17.4R3;\n18.1 versions prior to 18.1R3-S7;\n18.2 versions prior to 18.2R2-S5, 18.2R3;\n18.3 versions prior to 18.3R1-S6, 18.3R2-S1, 18.3R3;\n18.4 versions prior to 18.4R1-S5, 18.4R2;\n19.1 versions prior to 19.1R1-S2, 19.1R2."
"value": "Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series; 14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3; 18.3 versions prior to 18.3R1-S6, 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2."
}
]
},

2
2020/1xxx/CVE-2020-1608.json
View File

@ -128,7 +128,7 @@
"description_data": [
{
"lang": "eng",
"value": "Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot.\n\nThe issue is specific to the processing of packets destined to BBE clients connected to MX Series subscriber management platforms.\n\n\nThis issue affects MX Series running Juniper Networks Junos OS:\n17.2 versions starting from17.2R2-S6, 17.2R3 and later releases, prior to 17.2R3-S3;\n17.3 versions starting from 17.3R2-S4, 17.3R3-S2 and later releases, prior to 17.3R2-S5, 17.3R3-S5;\n17.4 versions starting from 17.4R2 and later releases, prior to 17.4R2-S7,17.4R3;\n18.1 versions starting from 18.1R2-S3, 18.1R3 and later releases, prior to 18.1R3-S6;\n18.2 versions starting from18.2R1-S1, 18.2R2 and later releases, prior to 18.2R3-S2;\n18.2X75 versions prior to 18.2X75-D51, 18.2X75-D60;\n18.3 versions prior to 18.3R3;\n18.4 versions prior to 18.4R2;\n19.1 versions prior to 19.1R1-S3, 19.1R2;\n19.2 versions prior to 19.2R1-S2, 19.2R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 17.2R2-S6."
"value": "Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Series subscriber management platforms. This issue affects MX Series running Juniper Networks Junos OS: 17.2 versions starting from17.2R2-S6, 17.2R3 and later releases, prior to 17.2R3-S3; 17.3 versions starting from 17.3R2-S4, 17.3R3-S2 and later releases, prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions starting from 17.4R2 and later releases, prior to 17.4R2-S7,17.4R3; 18.1 versions starting from 18.1R2-S3, 18.1R3 and later releases, prior to 18.1R3-S6; 18.2 versions starting from18.2R1-S1, 18.2R2 and later releases, prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D51, 18.2X75-D60; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R2-S6."
}
]
},

2
2020/1xxx/CVE-2020-1609.json
View File

@ -142,7 +142,7 @@
"description_data": [
{
"lang": "eng",
"value": "When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv6 packets who may then arbitrarily execute commands as root on the target device.\n\nThis issue affects IPv6 JDHCPD services. \n\nThis issue affects:\nJuniper Networks Junos OS:\n15.1 versions prior to 15.1R7-S6;\n15.1X49 versions prior to 15.1X49-D200;\n15.1X53 versions prior to 15.1X53-D592;\n16.1 versions prior to 16.1R7-S6;\n16.2 versions prior to 16.2R2-S11;\n17.1 versions prior to 17.1R2-S11, 17.1R3-S1;\n17.2 versions prior to 17.2R2-S8, 17.2R3-S3;\n17.3 versions prior to 17.3R3-S6;\n17.4 versions prior to 17.4R2-S7, 17.4R3;\n18.1 versions prior to 18.1R3-S8;\n18.2 versions prior to 18.2R3-S2;\n18.2X75 versions prior to 18.2X75-D60;\n18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3;\n18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3;\n19.1 versions prior to 19.1R1-S3, 19.1R2;\n19.2 versions prior to 19.2R1-S3, 19.2R2*.\n \nand\n\nAll versions prior to 19.3R1 on Junos OS Evolved.\n\nThis issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode.\n"
"value": "When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv6 packets who may then arbitrarily execute commands as root on the target device. This issue affects IPv6 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode."
}
]
},

10
2020/1xxx/CVE-2020-1611.json
View File

@ -37,7 +37,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets.\nThis issue affects:\nJuniper Networks Junos Space\nversions prior to 19.4R1."
"value": "A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1."
}
]
},
@ -75,12 +75,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10993"
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10993",
"name": "https://kb.juniper.net/JSA10993"
},
{
"refsource": "MISC",
"url": "https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449224"
"url": "https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449224",
"name": "https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449224"
}
]
},