mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
186 lines
6.4 KiB
JSON
186 lines
6.4 KiB
JSON
{
|
|
"id": "CVE-2016-1273",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2016-04-15T14:59:08.160",
|
|
"lastModified": "2016-04-20T21:23:45.793",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic encryption and authentication protection mechanisms via unspecified vectors."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Juniper Junos OS en versiones anteriores a 13.2X51-D40, 14.x en versiones anteriores a 14.1X53-D30 y 15.x en versiones anteriores a 15.1X53-D20 en switches QFX5100 y QFX10002 no tienen suficiente entrop\u00eda, lo que facilita a atacantes remotos romper el cifrado criptogr\u00e1fico y los mecanismos de protecci\u00f3n de autenticaci\u00f3n a trav\u00e9s de vectores no especificados."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.9,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 2.2,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-310"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:*:d35:*:*:*:*:*:*",
|
|
"versionEndIncluding": "13.2x51",
|
|
"matchCriteriaId": "E7D89ADE-DE99-42C7-970A-7DB24EF7106B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
|
|
"matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
|
|
"matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
|
|
"matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
|
|
"matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
|
|
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10746",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |