mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-12 02:05:39 +00:00
Update CVE-2021-31371.json
Juniper-2021-10-13 CVE publications update
This commit is contained in:
cu-jnpr
parent
377ebed41d
commit
913aa21569
@ -4,7 +4,7 @@
|
||||
"DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
|
||||
"ID": "CVE-2021-31371",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Junos OS: QFX5110 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces."
|
||||
"TITLE": "Junos OS: QFX5000 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces."
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -17,78 +17,78 @@
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_value": "17.3R3-S12"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "18.1",
|
||||
"version_value": "18.1R3-S13"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "18.3",
|
||||
"version_value": "18.3R3-S5"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "19.1",
|
||||
"version_value": "19.1R3-S6"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "19.2",
|
||||
"version_value": "19.2R1-S7, 19.2R3-S3"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "19.3",
|
||||
"version_value": "19.3R2-S6, 19.3R3-S3"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "19.4",
|
||||
"version_value": "19.4R1-S4, 19.4R3-S5"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "20.1",
|
||||
"version_value": "20.1R2-S2, 20.1R3-S1"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "20.2",
|
||||
"version_value": "20.2R3-S2"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "20.3",
|
||||
"version_value": "20.3R3-S1"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "20.4",
|
||||
"version_value": "20.4R2-S1, 20.4R3"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "21.1",
|
||||
"version_value": "21.1R1-S1, 21.1R2"
|
||||
},
|
||||
{
|
||||
"platform": "QFX5110 Series",
|
||||
"platform": "QFX5000 Series",
|
||||
"version_affected": "<",
|
||||
"version_name": "21.2",
|
||||
"version_value": "21.2R1"
|
||||
@ -110,7 +110,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5110 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability.\n \n\n\nThis issue affects:\nJuniper Networks Junos OS on QFX5110 Series:\nAll versions prior to 17.3R3-S12;\n18.1 versions prior to 18.1R3-S13;\n18.3 versions prior to 18.3R3-S5;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2;\n"
|
||||
"value": "Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability.\n \n\n\nThis issue affects Juniper Networks Junos OS on QFX5110, QFX5120, QFX5200, QFX5210 Series, and QFX5100 with QFX 5e Series image installed:\nAll versions prior to 17.3R3-S12;\n18.1 versions prior to 18.1R3-S13;\n18.3 versions prior to 18.3R3-S5;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3-S1;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2;\n"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user