Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-0048 (GCVE-0-2018-0048)
Vulnerability from cvelistv5 – Published: 2018-10-10 18:00 – Updated: 2024-09-16 20:03
VLAI?
EPSS
Title
Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support.
Summary
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
17.2 , < 17.2R1-S7, 17.2R2-S6, 17.2R3
(custom)
Affected: 17.2X75 , < 17.2X75-D102, 17.2X75-D110 (custom) Affected: 17.3 , < 17.3R2-S4, 17.3R3 (custom) Affected: 17.4 , < 17.4R1-S5, 17.4R2 (custom) Affected: 18.1 , < 18.1R2-S3, 18.1R3 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105564",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105564"
},
{
"name": "1041849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041849"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10882"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "17.2R1-S7, 17.2R2-S6, 17.2R3",
"status": "affected",
"version": "17.2",
"versionType": "custom"
},
{
"lessThan": "17.2X75-D102, 17.2X75-D110",
"status": "affected",
"version": "17.2X75",
"versionType": "custom"
},
{
"lessThan": "17.3R2-S4, 17.3R3",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4R1-S5, 17.4R2",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.1R2-S3, 18.1R3",
"status": "affected",
"version": "18.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-10-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;"
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T09:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"name": "105564",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105564"
},
{
"name": "1041849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041849"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10882"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2X75-D102, 17.2X75-D110, 17.3R2-S4, 17.3R3, 17.4R1-S5, 17.4R2, 18.1R2-S3, 18.1R3, 18.2R1, 18.2X75-D10, 18.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10882",
"defect": [
"1344177"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support.",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
"ID": "CVE-2018-0048",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "17.2",
"version_value": "17.2R1-S7, 17.2R2-S6, 17.2R3"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "17.2X75",
"version_value": "17.2X75-D102, 17.2X75-D110"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R2-S4, 17.3R3"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R1-S5, 17.4R2"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R2-S3, 18.1R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;"
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105564"
},
{
"name": "1041849",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041849"
},
{
"name": "https://kb.juniper.net/JSA10882",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10882"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2X75-D102, 17.2X75-D110, 17.3R2-S4, 17.3R3, 17.4R1-S5, 17.4R2, 18.1R2-S3, 18.1R3, 18.2R1, 18.2X75-D10, 18.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10882",
"defect": [
"1344177"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2018-0048",
"datePublished": "2018-10-10T18:00:00.000Z",
"dateReserved": "2017-11-16T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:03:41.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2018-AVI-487
Vulnerability from certfr_avis - Published: 2018-10-11 - Updated: 2018-10-11
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D14 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D131, 15.1X49-D140 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 7.2X75 jusqu'aux versions 17.2X75-D102, 17.2X75-D11 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S6, 17.2R2-S3, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions jusqu'aux versions 12.3X48-D7 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2 jusqu'aux versions 18.2R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S3, 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S12, 16.1R6-S6 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 et supérieures, incluant 17.4R1-S3 jusqu'aux versions 17.4R1-S5 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D233 sur QFX5200/QFX5110 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R1-S6 16.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7-S1 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S5 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1F | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S9, 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S9 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R1-S7 17.1R2-S6 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S7, 17.2R2-S6 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 supérieures, incluant 15.1X53-D233 jusqu'aux versions 15.1X53-D235 sur QFX5200/QFX511 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3R12-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R2-S4, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D47 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R7 jusqu'aux versions 16.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D48 sur QFX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R6-S3 jusqu'aux versions 16.1R6-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D471 15.1X53-D490 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 et supérieures, incluant 15.1R7 jusqu'aux versions 15.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4R2 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X65 jusqu'aux versions 16.1X65-D4 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions jusqu'aux versions 12.3X48-D75 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7-S2, 15.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 et supérieures, incluant 16.2R2-S5 jusqu'aux versions 16.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R2-S7 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R2-S4, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R3-S9, 16.1R4-S9, 16.1R5-S4, 16.1R6-S4, 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R1-S5, 17.3R2-S2, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3 versions jusqu'aux versions 12.3R12-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S5, 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 et supérieures, incluant 18.1R2 jusqu'aux versions 18.1R2-S3, 18.1R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D130 sur QFabric | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D233 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R3 sur QFX5000 et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D235, 15.1X53-D49 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2 sur QFX5000 Series et EX4600 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X53 et 15.1X53-D471 jusqu'aux versions 15.1X53-D590 sur NFX150, NFX25 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R2-S6, 17.2R3 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 et supérieures, incluant 17.1R2-S7 jusqu'aux versions 17.1R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R3-S8 16.1R4-S8 16.1R5-S4 16.1R6-S4 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R7 sur QFX5000 et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 et supérieures, incluant 17.3R1-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S12, 16.1R7-S2, 16.1R | ||
| Juniper Networks | N/A | Junos Space Network Management Platform jusqu'aux versions 18.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 et supérieures, incluant 17.3R2-S2 jusqu'aux versions 17.3R2-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R2-S2, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S3 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S7, 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 et supérieures, incluant 12.3X48-D66 jusqu'aux versions 12.3X48-D75 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 jusqu'aux versions 17.2X75-D100 17.2X75-D42 17.2X75-D9 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D47 sur QFX/EX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7, 15.1R8 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R1-S7, 17.1R2-S7, 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D140 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 versions jusqu'aux versions 14.1R8-S5, 14.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2X75 jusqu'aux versions 18.2X75-D5 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S9, 17.1R3 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 versions jusqu'aux versions 14.2R4 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 et supérieures, incluant 15.1F6-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R3 sur QFX5000 et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53-D67 sur QFX10000 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R4 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R1-S4 17.3R2-S2 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 versions jusqu'aux versions 14.1X53-D130 sur QFabric | ||
| Juniper Networks | N/A | Toutes les versions de Juniper Networks Junos Space Security Director jusqu'aux versions 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2X75 jusqu'aux versions 18.2X75-D20 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R4-S9, 15.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1F6 versions jusqu'aux versions 15.1F6-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2 et supérieures, incluant 18.2R1 jusqu'aux versions 18.2R1-S2, 18.2R1-S3, 18.2R2 sur toutes les modèles non-SRX et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 versions jusqu'aux versions 12.1X46-D7 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 jusqu'aux versions 17.2X75-D110, 17.2X75-D9 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R2-S7, 16.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 et supérieures, incluant 17.2R2-S4 jusqu'aux versions 17.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R2 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R3-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S7, 17.2R2-S6, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions jusqu'aux versions 12.3X48-D70 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53-D59 sur EX2300/EX340 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 versions jusqu'aux versions 12.1X46-D77 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 et supérieures, incluant 12.1X46-D76 jusqu'aux versions 12.1X46-D81 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R4-S9 15.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S11, 16.1R6-S6, 16.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 et supérieures, incluant 15.1X49-D131 jusqu'aux versions 15.1X49-D150 sur SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R1-S4, 17.3R2-S2, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S6, 17.2R2-S4, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R1-S6, 16.2R2-S6, 16.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D471, 15.1X53-D490 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1R6-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D67 sur QFX10K | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1R4-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D59 sur EX2300/EX3400 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 et supérieures, incluant 17.2X75-D100 jusqu'aux versions X17.2X75-D101, 17.2X75-D11 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 et supérieures, incluant 14.1X53-D115 jusqu'aux versions 14.1X53-D130 sur QFabric | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S9, 16.1R6-S1, 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 jusqu'aux versions 17.2X75-D42 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R4-S9 jusqu'aux versions 16.1R4-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2X75 et supérieures, incluant 18.2X75-D5 jusqu'aux versions 18.2X75-D20 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D16 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D30 sur vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R5-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R3-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R2-S4, 17.3R3-S1 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R4-S9, 15.1R6-S6, 15.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2-S3, 18.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53-D47 sur EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX510 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 et supérieures, incluant 16.2R1-S |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D14",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D131, 15.1X49-D140 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 7.2X75 jusqu\u0027aux versions 17.2X75-D102, 17.2X75-D11",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S6, 17.2R2-S3, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions jusqu\u0027aux versions 12.3X48-D7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2 jusqu\u0027aux versions 18.2R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S3, 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S12, 16.1R6-S6 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 et sup\u00e9rieures, incluant 17.4R1-S3 jusqu\u0027aux versions 17.4R1-S5 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D233 sur QFX5200/QFX5110",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R1-S6 16.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7-S1 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S5 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1F",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S9, 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S9 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R1-S7 17.1R2-S6 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S7, 17.2R2-S6 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 sup\u00e9rieures, incluant 15.1X53-D233 jusqu\u0027aux versions 15.1X53-D235 sur QFX5200/QFX511",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3R12-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R2-S4, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D47 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R7 jusqu\u0027aux versions 16.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D48 sur QFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R6-S3 jusqu\u0027aux versions 16.1R6-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D471 15.1X53-D490 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 et sup\u00e9rieures, incluant 15.1R7 jusqu\u0027aux versions 15.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4R2 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X65 jusqu\u0027aux versions 16.1X65-D4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions jusqu\u0027aux versions 12.3X48-D75 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7-S2, 15.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 et sup\u00e9rieures, incluant 16.2R2-S5 jusqu\u0027aux versions 16.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R2-S7 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R2-S4, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R3-S9, 16.1R4-S9, 16.1R5-S4, 16.1R6-S4, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R1-S5, 17.3R2-S2, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3 versions jusqu\u0027aux versions 12.3R12-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S5, 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 et sup\u00e9rieures, incluant 18.1R2 jusqu\u0027aux versions 18.1R2-S3, 18.1R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D130 sur QFabric",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D233 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R3 sur QFX5000 et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D235, 15.1X53-D49",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2 sur QFX5000 Series et EX4600",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X53 et 15.1X53-D471 jusqu\u0027aux versions 15.1X53-D590 sur NFX150, NFX25",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R2-S6, 17.2R3 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 et sup\u00e9rieures, incluant 17.1R2-S7 jusqu\u0027aux versions 17.1R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R3-S8 16.1R4-S8 16.1R5-S4 16.1R6-S4 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R7 sur QFX5000 et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 et sup\u00e9rieures, incluant 17.3R1-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S12, 16.1R7-S2, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space Network Management Platform jusqu\u0027aux versions 18.2R",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 et sup\u00e9rieures, incluant 17.3R2-S2 jusqu\u0027aux versions 17.3R2-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R2-S2, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S3 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S7, 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 et sup\u00e9rieures, incluant 12.3X48-D66 jusqu\u0027aux versions 12.3X48-D75 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 jusqu\u0027aux versions 17.2X75-D100 17.2X75-D42 17.2X75-D9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D47 sur QFX/EX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7, 15.1R8 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R1-S7, 17.1R2-S7, 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D140 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 versions jusqu\u0027aux versions 14.1R8-S5, 14.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2X75 jusqu\u0027aux versions 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S9, 17.1R3 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 versions jusqu\u0027aux versions 14.2R4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 et sup\u00e9rieures, incluant 15.1F6-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R3 sur QFX5000 et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53-D67 sur QFX10000",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R4 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R1-S4 17.3R2-S2 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 versions jusqu\u0027aux versions 14.1X53-D130 sur QFabric",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Toutes les versions de Juniper Networks Junos Space Security Director jusqu\u0027aux versions 17.2R",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2X75 jusqu\u0027aux versions 18.2X75-D20",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R4-S9, 15.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1F6 versions jusqu\u0027aux versions 15.1F6-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2 et sup\u00e9rieures, incluant 18.2R1 jusqu\u0027aux versions 18.2R1-S2, 18.2R1-S3, 18.2R2 sur toutes les mod\u00e8les non-SRX et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 versions jusqu\u0027aux versions 12.1X46-D7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 jusqu\u0027aux versions 17.2X75-D110, 17.2X75-D9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R2-S7, 16.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 et sup\u00e9rieures, incluant 17.2R2-S4 jusqu\u0027aux versions 17.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R2 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R3-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S7, 17.2R2-S6, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions jusqu\u0027aux versions 12.3X48-D70 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53-D59 sur EX2300/EX340",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 versions jusqu\u0027aux versions 12.1X46-D77 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 et sup\u00e9rieures, incluant 12.1X46-D76 jusqu\u0027aux versions 12.1X46-D81 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R4-S9 15.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S11, 16.1R6-S6, 16.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 et sup\u00e9rieures, incluant 15.1X49-D131 jusqu\u0027aux versions 15.1X49-D150 sur SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R1-S4, 17.3R2-S2, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S6, 17.2R2-S4, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R1-S6, 16.2R2-S6, 16.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D471, 15.1X53-D490 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1R6-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D67 sur QFX10K",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1R4-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D59 sur EX2300/EX3400",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 et sup\u00e9rieures, incluant 17.2X75-D100 jusqu\u0027aux versions X17.2X75-D101, 17.2X75-D11",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 et sup\u00e9rieures, incluant 14.1X53-D115 jusqu\u0027aux versions 14.1X53-D130 sur QFabric",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S9, 16.1R6-S1, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 jusqu\u0027aux versions 17.2X75-D42 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R4-S9 jusqu\u0027aux versions 16.1R4-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2X75 et sup\u00e9rieures, incluant 18.2X75-D5 jusqu\u0027aux versions 18.2X75-D20",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D16",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D30 sur vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R5-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R3-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R2-S4, 17.3R3-S1 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R4-S9, 15.1R6-S6, 15.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2-S3, 18.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53-D47 sur EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX510",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 et sup\u00e9rieures, incluant 16.2R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-0056",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0056"
},
{
"name": "CVE-2018-0043",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0043"
},
{
"name": "CVE-2016-10011",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10011"
},
{
"name": "CVE-2018-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0045"
},
{
"name": "CVE-2018-0049",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0049"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2018-0044",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0044"
},
{
"name": "CVE-2018-0055",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0055"
},
{
"name": "CVE-2018-0046",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0046"
},
{
"name": "CVE-2018-0053",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0053"
},
{
"name": "CVE-2017-15906",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15906"
},
{
"name": "CVE-2016-10010",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10010"
},
{
"name": "CVE-2018-0054",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0054"
},
{
"name": "CVE-2018-0052",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0052"
},
{
"name": "CVE-2018-0051",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0051"
},
{
"name": "CVE-2018-0047",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0047"
},
{
"name": "CVE-2016-10012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10012"
},
{
"name": "CVE-2018-0057",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0057"
},
{
"name": "CVE-2018-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0050"
},
{
"name": "CVE-2018-0048",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0048"
}
],
"initial_release_date": "2018-10-11T00:00:00",
"last_revision_date": "2018-10-11T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-487",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-10-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10883 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10883\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10892 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10892\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10882 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10882\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10880 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10880\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10889 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10889\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10884 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10884\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10890 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10890\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10881 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10881\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10886 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10886\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10879 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10879\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10878 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10878\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10887 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10887\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10885 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10885\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10877 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10877\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10888 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10888\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
GHSA-WC46-55V6-3W8C
Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2022-05-13 01:35
VLAI?
Details
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2018-0048"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-10T18:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;",
"id": "GHSA-wc46-55v6-3w8c",
"modified": "2022-05-13T01:35:56Z",
"published": "2022-05-13T01:35:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0048"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10882"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105564"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041849"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-0048
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-0048",
"description": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;",
"id": "GSD-2018-0048"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-0048"
],
"details": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;",
"id": "GSD-2018-0048",
"modified": "2023-12-13T01:22:25.179560Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
"ID": "CVE-2018-0048",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Memory exhaustion denial of service vulnerability in Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_name": "17.2",
"version_value": "17.2R1-S7, 17.2R2-S6, 17.2R3"
},
{
"affected": "\u003c",
"version_name": "17.2X75",
"version_value": "17.2X75-D102, 17.2X75-D110"
},
{
"affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R2-S4, 17.3R3"
},
{
"affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R1-S5, 17.4R2"
},
{
"affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R2-S3, 18.1R3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;"
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105564"
},
{
"name": "1041849",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041849"
},
{
"name": "https://kb.juniper.net/JSA10882",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10882"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2X75-D102, 17.2X75-D110, 17.3R2-S4, 17.3R3, 17.4R1-S5, 17.4R2, 18.1R2-S3, 18.1R3, 18.2R1, 18.2X75-D10, 18.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10882",
"defect": [
"1344177"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.2x75:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:18.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2018-0048"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10882",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10882"
},
{
"name": "1041849",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041849"
},
{
"name": "105564",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105564"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-09T23:31Z",
"publishedDate": "2018-10-10T18:29Z"
}
}
}
CVE-2018-0048
Vulnerability from fstec - Published: 10.10.2018
VLAI Severity ?
Title
Уязвимость сервиса Routing Protocols Daemon (RPD) операционной системы JunOS, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость сервиса Routing Protocols Daemon (RPD) операционной системы JunOS связана с неконтролируемым расходом памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity ?
Vendor
Juniper Networks Inc.
Software Name
JunOS
Software Version
до 17.3R3 (JunOS), до 17.4R2 (JunOS), до 17.2R1-S7 (JunOS), до 17.2R2-S6 (JunOS), до 17.2R3 (JunOS), до 17.3R2-S4 (JunOS), до 17.2X75-D110 (JunOS), до 17.4R1-S5 (JunOS), до 18.1R2-S3 (JunOS), до 18.1R3 (JunOS), до 17.2X75-D102 (JunOS), до 17.2X75-D43 (JunOS)
Possible Mitigations
Использование рекомендаций:
https://kb.juniper.net/JSA10882
Reference
http://www.securityfocus.com/bid/105564
http://www.securitytracker.com/id/1041849
https://kb.juniper.net/JSA10882
CWE
CWE-789
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Juniper Networks Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 17.3R3 (JunOS), \u0434\u043e 17.4R2 (JunOS), \u0434\u043e 17.2R1-S7 (JunOS), \u0434\u043e 17.2R2-S6 (JunOS), \u0434\u043e 17.2R3 (JunOS), \u0434\u043e 17.3R2-S4 (JunOS), \u0434\u043e 17.2X75-D110 (JunOS), \u0434\u043e 17.4R1-S5 (JunOS), \u0434\u043e 18.1R2-S3 (JunOS), \u0434\u043e 18.1R3 (JunOS), \u0434\u043e 17.2X75-D102 (JunOS), \u0434\u043e 17.2X75-D43 (JunOS)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\nhttps://kb.juniper.net/JSA10882",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.10.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.06.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.11.2018",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2018-01349",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-0048",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "JunOS",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Juniper Networks Inc. JunOS \u0434\u043e 17.3R3 , Juniper Networks Inc. JunOS \u0434\u043e 17.4R2 , Juniper Networks Inc. JunOS \u0434\u043e 17.2R1-S7 , Juniper Networks Inc. JunOS \u0434\u043e 17.2R2-S6 , Juniper Networks Inc. JunOS \u0434\u043e 17.2R3 , Juniper Networks Inc. JunOS \u0434\u043e 17.3R2-S4 , Juniper Networks Inc. JunOS \u0434\u043e 17.2X75-D110 , Juniper Networks Inc. JunOS \u0434\u043e 17.4R1-S5 , Juniper Networks Inc. JunOS \u0434\u043e 18.1R2-S3 , Juniper Networks Inc. JunOS \u0434\u043e 18.1R3 , Juniper Networks Inc. JunOS \u0434\u043e 17.2X75-D102 , Juniper Networks Inc. JunOS \u0434\u043e 17.2X75-D43 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u0430 Routing Protocols Daemon (RPD) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b JunOS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-789)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u0430 Routing Protocols Daemon (RPD) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b JunOS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 Juniper Extension Toolkit (JET)",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.securityfocus.com/bid/105564 \nhttp://www.securitytracker.com/id/1041849 \nhttps://kb.juniper.net/JSA10882",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-789",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
FKIE_CVE-2018-0048
Vulnerability from fkie_nvd - Published: 2018-10-10 18:29 - Updated: 2024-11-21 03:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | http://www.securityfocus.com/bid/105564 | Third Party Advisory, VDB Entry | |
| sirt@juniper.net | http://www.securitytracker.com/id/1041849 | Third Party Advisory, VDB Entry | |
| sirt@juniper.net | https://kb.juniper.net/JSA10882 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105564 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041849 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10882 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64EB45C0-E3BD-4C0D-9E97-1DB726D66401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2x75:*:*:*:*:*:*:*",
"matchCriteriaId": "191A3F26-3C6E-4B5A-9D40-E6ABC2BFA7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F69A0E5-B61B-405D-B501-9CB306651CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "974B6128-ABD2-4D9C-87A1-5F1740DDCB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF736F6-ED05-4DC1-96FB-3F35BA5B3EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This issue only affects devices with JET support running Junos OS 17.2R1 and subsequent releases. Other versions of Junos OS are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3;"
},
{
"lang": "es",
"value": "Una vulnerabilidad en el RPD (Routing Protocols Daemon) con soporte para Juniper Extension Toolkit (JET) puede permitir que un atacante no autenticado basado en web provoque una condici\u00f3n severa de agotamiento de memoria en el dispositivo. Esto puede tener un impacto adverso en el rendimiento del sistema y su disponibilidad. Este problema solo afecta a los dispositivos con JET que soportan la ejecuci\u00f3n de Junos OS 17.2R1 y versiones posteriores. Otras versiones de Junos OS no se han visto afectadas por esta vulnerabilidad. Las versiones afectadas de Juniper Networks Junos OS son: 17.2 en versiones anteriores a la 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.2X75 en versiones anteriores a la 17.2X75-D102, 17.2X75-D110; 17.3 en versiones anteriores a la 17.3R2-S4, 17.3R3; 17.4 en versiones anteriores a la 17.4R1-S5, 17.4R2; 18.1 en versiones anteriores a la 18.1R2-S3 y 18.1R3;"
}
],
"id": "CVE-2018-0048",
"lastModified": "2024-11-21T03:37:25.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-10T18:29:01.873",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105564"
},
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041849"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10882"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…