{ "id": "CVE-2018-0021", "sourceIdentifier": "sirt@juniper.net", "published": "2018-04-11T19:29:00.587", "lastModified": "2024-11-21T03:37:22.590", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0. Hence, Juniper devices configured with short MacSec keys are at risk to an increased likelihood that an attacker will discover the secret passphrases configured for these keys through dictionary-based and brute-force-based attacks using spoofed packets. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R10, 14.1R9; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D100; 15.1X53 versions prior to 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R5; 16.2 versions prior to 16.2R1-S6, 16.2R2; 17.1 versions prior to 17.1R2." }, { "lang": "es", "value": "Si no se configuran todos los 64 d\u00edgitos del nombre de la clave de asociaci\u00f3n de conectividad (CNK) o todos los 32 d\u00edgitos de la clave de asociaci\u00f3n de conectividad (CAK), el resto de d\u00edgitos se configurar\u00e1n autom\u00e1ticamente a 0. Por lo tanto, los dispositivos Juniper configurados con claves MacSec cortas est\u00e1n en riesgo de que sea m\u00e1s probable que un atacante descubra las frases de contrase\u00f1as secretas configuradas para estas claves a trav\u00e9s de ataques basados en diccionario y de fuerza bruta mediante paquetes suplantados. Las versiones afectadas son Juniper Networks Junos OS: 14.1 anteriores a 14.1R10, 14.1R9; 14.1X53 anteriores a 14.1X53-D47; 15.1 anteriores a 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 anteriores a 15.1X49-D100; 15.1X53 anteriores a 15.1X53-D59; 16.1 anteriores a 16.1R3-S8, 16.1R4-S8, 16.1R5; 16.2 anteriores a 16.2R1-S6, 16.2R2 y 17.1 anteriores a 17.1R2." } ], "metrics": { "cvssMetricV30": [ { "source": "sirt@juniper.net", "type": "Secondary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.1, "impactScore": 6.0 }, { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE" }, "baseSeverity": "LOW", "exploitabilityScore": 6.5, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*", "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*", "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*", "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*", "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*", "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*", "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*", "matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*", "matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*", "matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*", "matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*", "matchCriteriaId": "25E5D543-D779-482D-AA8A-6E77C1949FBD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1:r9:*:*:*:*:*:*", "matchCriteriaId": "8A76DAC5-AEC4-47E8-9876-71EE5BAD73E2" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*", "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*", "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*", "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*", "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*", "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*", "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*", "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*", "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*", "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*", "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*", "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*", "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*", "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*", "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*", "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*", "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*", "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*", "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*", "matchCriteriaId": "AFB887FD-D3FB-439F-9A89-CC367A74DB00" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*", "matchCriteriaId": "BDA46912-D173-49C5-A0A1-64BD0889D3A0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*", "matchCriteriaId": "3BEE4EE4-18D9-4FA9-9A02-917240B851AA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*", "matchCriteriaId": "188FED65-8A81-4BB0-B10B-8CA17B4F71CC" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*", "matchCriteriaId": "9F03E847-748B-43BD-B6C1-BFDECE99BC3C" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*", "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*", "matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*", "matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*", "matchCriteriaId": "6D3E38C1-808C-4BD3-993D-F30855F5390F" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*", "matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*", "matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*", "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*", "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*", "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6" }, { "vulnerable": true, "criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*", "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131" } ] } ] } ], "references": [ { "url": "http://www.securitytracker.com/id/1040789", "source": "sirt@juniper.net", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://kb.juniper.net/JSA10854", "source": "sirt@juniper.net", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.securitytracker.com/id/1040789", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://kb.juniper.net/JSA10854", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] } ] }