admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2018/CVE-2018-00xx/CVE-2018-0016.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

358 lines
14 KiB
JSON
Raw Blame History

{
"id": "CVE-2018-0016",
"sourceIdentifier": "sirt@juniper.net",
"published": "2018-04-11T19:29:00.277",
"lastModified": "2019-10-09T23:30:58.330",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly configured. Devices with without CLNS enabled are not vulnerable to this issue. Devices with IS-IS configured on the interface are not vulnerable to this issue unless CLNS routing is also enabled. This issue only affects devices running Junos OS 15.1. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 versions prior to 15.1X49-D60; 15.1X53 versions prior to 15.1X53-D66, 15.1X53-D233, 15.1X53-D471. Earlier releases are unaffected by this vulnerability, and the issue has been resolved in Junos OS 16.1R1 and all subsequent releases."
},
{
"lang": "es",
"value": "La recepci\u00f3n de un datagrama CLNP (Connectionless Network Protocol) destinado a la interfaz de un dispositivo Junos OS puede resultar en un cierre inesperado del kernel o conducir a la ejecuci\u00f3n remota de c\u00f3digo. Los dispositivos solo son vulnerables al datagrama CLNP especialmente manipulado si 'clns-routing' o ES-IS est\u00e1n expl\u00edcitamente configurados. Los dispositivos sin CLNS habilitado no son vulnerables a este problema. Los dispositivos con IS-IS configurado en la interfaz no son vulnerables, a no ser que el enrutamiento CLNS est\u00e9 tambi\u00e9n habilitado. Este problema solo afecta a dispositivos que ejecutan Junos OS 15.1. Las versiones afectadas son Juniper Networks Junos OS: 15.1 en versiones anteriores a la 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 en versiones anteriores a la15.1X49-D60; 15.1X53 en versiones anteriores a la 15.1X53-D66, 15.1X53-D233 y 15.1X53-D471. Los lanzamientos anteriores no se han visto afectados por esta vulnerabilidad; el problema se ha resuelto en Junos OS 16.1R1 y en todas las versiones posteriores."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "sirt@juniper.net",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "99A79967-FBAD-4205-AF27-A64C2AA34E86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f2:*:*:*:*:*:*:*",
"matchCriteriaId": "F340A343-BEAB-42E9-A627-5BCD4B82427E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f3:*:*:*:*:*:*:*",
"matchCriteriaId": "027BAB70-7DB8-4642-8B6B-F7C3DF9149DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f4:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA6701B-90D2-4286-8414-96E45B37364A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4409D08-E682-4D5C-8A23-3F173F88BEF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f5:s1:*:*:*:*:*:*",
"matchCriteriaId": "795DE6D9-86ED-46DE-8496-024494B74C79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f6:s1:*:*:*:*:*:*",
"matchCriteriaId": "CD8A323E-64CE-46BE-AFF6-5F11ACB5A40B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1f6:s2:*:*:*:*:*:*",
"matchCriteriaId": "83773828-2475-4A65-ACDE-B6AD2588AB8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
"matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
"matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
"matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
"matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
"matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
"matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
"matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
"matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*",
"matchCriteriaId": "AFB887FD-D3FB-439F-9A89-CC367A74DB00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*",
"matchCriteriaId": "BDA46912-D173-49C5-A0A1-64BD0889D3A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*",
"matchCriteriaId": "3BEE4EE4-18D9-4FA9-9A02-917240B851AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*",
"matchCriteriaId": "188FED65-8A81-4BB0-B10B-8CA17B4F71CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*",
"matchCriteriaId": "9F03E847-748B-43BD-B6C1-BFDECE99BC3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
"matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
"matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
"matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
"matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*",
"matchCriteriaId": "395CC50B-9042-4B12-9A1C-A8D5D571DC25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
"matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:juniper:junos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA2466C-D443-4A63-AA4F-1AE4EE5DA02A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/103747",
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1040784",
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://kb.juniper.net/JSA10844",
"source": "sirt@juniper.net",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink