admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/0xxx/CVE-2018-0057.json
CVE Team 61599c0456
- Synchronized data.
2018-10-10 14:06:28 -04:00

151 lines
6.1 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2018-10-10T16:00:00.000Z",
"ID" : "CVE-2018-0057",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in with Option 50 (Requested IP Address)"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected" : "<",
"version_name" : "15.1",
"version_value" : "15.1R7-S2, 15.1R8"
},
{
"affected" : "<",
"version_name" : "16.1",
"version_value" : "16.1R4-S12, 16.1R7-S2, 16.1R8"
},
{
"affected" : "<",
"version_name" : "16.2",
"version_value" : "16.2R2-S7, 16.2R3"
},
{
"affected" : "<",
"version_name" : "17.1",
"version_value" : "17.1R2-S9, 17.1R3"
},
{
"affected" : "<",
"version_name" : "17.2",
"version_value" : "17.2R1-S7, 17.2R2-S6, 17.2R3"
},
{
"affected" : "<",
"version_name" : "17.3",
"version_value" : "17.3R2-S4, 17.3R3"
},
{
"affected" : "<",
"version_name" : "17.4",
"version_value" : "17.4R2"
},
{
"affected" : "<",
"version_name" : "18.1",
"version_value" : "18.1R2-S3, 18.1R3"
}
]
}
}
]
},
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "On MX Series and M120/M320 platforms configured in a Broadband Edge (BBE) environment, subscribers logging in with DHCP Option 50 to request a specific IP address will be assigned the requested IP address, even if there is a static MAC to IP address binding in the access profile. In the problem scenario, with a hardware-address and IP address configured under address-assignment pool, if a subscriber logging in with DHCP Option 50, the subscriber will not be assigned an available address from the matched pool, but will still get the requested IP address. A malicious DHCP subscriber may be able to utilize this vulnerability to create duplicate IP address assignments, leading to a denial of service for valid subscribers or unauthorized information disclosure via IP address assignment spoofing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S2, 15.1R8; 16.1 versions prior to 16.1R4-S12, 16.1R7-S2, 16.1R8; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "LOW",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
]
},
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://kb.juniper.net/JSA10892",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10892"
}
]
},
"solution" : [
{
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: 15.1R7-S2, 15.1R8, 16.1R4-S12, 16.1R7-S2, 16.1R8, 16.2R2-S7, 16.2R3, 17.1R2-S9, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R2, 18.1R2-S3, 18.1R3, 18.2R1, 18.3R1, and all subsequent releases.\n"
}
],
"source" : {
"advisory" : "JSA10892",
"defect" : [
"1351334"
],
"discovery" : "USER"
},
"work_around" : [
{
"lang" : "eng",
"value" : "There are no viable workarounds for this issue"
}
]
}
Reference in New Issue View Git Blame Copy Permalink