Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-0050 (GCVE-0-2018-0050)
Vulnerability from cvelistv5 – Published: 2018-10-10 18:00 – Updated: 2024-09-17 00:46
VLAI?
EPSS
Title
Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD) crash.
Summary
An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.
Severity ?
7.5 (High)
CWE
- Error Handling
- Denial of Service
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
14.1 , < 14.1R8-S5, 14.1R9
(custom)
Affected: 14.2 , < 14.2R4 (custom) |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041851",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041851"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10884"
},
{
"name": "106206",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106206"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "14.1R8-S5, 14.1R9",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "14.2R4",
"status": "affected",
"version": "14.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"QFX Switching"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "14.1X53-D48",
"status": "affected",
"version": "14.1X53",
"versionType": "custom"
}
]
},
{
"platforms": [
"QFabric System"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "14.1X53-D130",
"status": "affected",
"version": "14.2",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The following minimal protocols configurations are required:\n\n [protocols rsvp]\n [protocols mpls interface]"
}
],
"datePublic": "2018-10-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Error Handling",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-15T10:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"name": "1041851",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041851"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10884"
},
{
"name": "106206",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106206"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 14.1R8-S5, 14.1R9, 14.1X53-D130, 14.1X53-D48, 14.2R4, 15.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10884",
"defect": [
"1087100"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD) crash.",
"workarounds": [
{
"lang": "en",
"value": "Remove MPLS configuration stanzas from interface configurations that are at risk.\nNo other workarounds exist for this issue."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
"ID": "CVE-2018-0050",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD) crash."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "14.1",
"version_value": "14.1R8-S5, 14.1R9"
},
{
"affected": "\u003c",
"platform": "QFX Switching",
"version_affected": "\u003c",
"version_name": "14.1X53",
"version_value": "14.1X53-D48"
},
{
"affected": "\u003c",
"platform": "QFabric System",
"version_affected": "\u003c",
"version_name": "14.2",
"version_value": "14.1X53-D130"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "14.2",
"version_value": "14.2R4"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The following minimal protocols configurations are required:\n\n [protocols rsvp]\n [protocols mpls interface]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Error Handling"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041851",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041851"
},
{
"name": "https://kb.juniper.net/JSA10884",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10884"
},
{
"name": "106206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106206"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 14.1R8-S5, 14.1R9, 14.1X53-D130, 14.1X53-D48, 14.2R4, 15.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10884",
"defect": [
"1087100"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Remove MPLS configuration stanzas from interface configurations that are at risk.\nNo other workarounds exist for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2018-0050",
"datePublished": "2018-10-10T18:00:00.000Z",
"dateReserved": "2017-11-16T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:46:12.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2018-AVI-487
Vulnerability from certfr_avis - Published: 2018-10-11 - Updated: 2018-10-11
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D14 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D131, 15.1X49-D140 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 7.2X75 jusqu'aux versions 17.2X75-D102, 17.2X75-D11 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S6, 17.2R2-S3, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions jusqu'aux versions 12.3X48-D7 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2 jusqu'aux versions 18.2R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S3, 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S12, 16.1R6-S6 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 et supérieures, incluant 17.4R1-S3 jusqu'aux versions 17.4R1-S5 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D233 sur QFX5200/QFX5110 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R1-S6 16.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7-S1 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S5 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1F | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S9, 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S9 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R1-S7 17.1R2-S6 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S7, 17.2R2-S6 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 supérieures, incluant 15.1X53-D233 jusqu'aux versions 15.1X53-D235 sur QFX5200/QFX511 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3R12-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R2-S4, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D47 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R7 jusqu'aux versions 16.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D48 sur QFX | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R6-S3 jusqu'aux versions 16.1R6-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D471 15.1X53-D490 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 et supérieures, incluant 15.1R7 jusqu'aux versions 15.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4R2 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X65 jusqu'aux versions 16.1X65-D4 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions jusqu'aux versions 12.3X48-D75 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7-S2, 15.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 et supérieures, incluant 16.2R2-S5 jusqu'aux versions 16.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R2-S7 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R2-S4, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R3-S9, 16.1R4-S9, 16.1R5-S4, 16.1R6-S4, 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R1-S5, 17.3R2-S2, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3 versions jusqu'aux versions 12.3R12-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S5, 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 et supérieures, incluant 18.1R2 jusqu'aux versions 18.1R2-S3, 18.1R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D130 sur QFabric | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D233 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R3 sur QFX5000 et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D235, 15.1X53-D49 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2 sur QFX5000 Series et EX4600 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 15.1X53 et 15.1X53-D471 jusqu'aux versions 15.1X53-D590 sur NFX150, NFX25 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R2-S6, 17.2R3 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 et supérieures, incluant 17.1R2-S7 jusqu'aux versions 17.1R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R3-S8 16.1R4-S8 16.1R5-S4 16.1R6-S4 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R7 sur QFX5000 et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 et supérieures, incluant 17.3R1-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S12, 16.1R7-S2, 16.1R | ||
| Juniper Networks | N/A | Junos Space Network Management Platform jusqu'aux versions 18.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 et supérieures, incluant 17.3R2-S2 jusqu'aux versions 17.3R2-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R2-S2, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S3 17.4R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S7, 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 et supérieures, incluant 12.3X48-D66 jusqu'aux versions 12.3X48-D75 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 jusqu'aux versions 17.2X75-D100 17.2X75-D42 17.2X75-D9 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 versions jusqu'aux versions 14.1X53-D47 sur QFX/EX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7, 15.1R8 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R1-S7, 17.1R2-S7, 17.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D140 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 versions jusqu'aux versions 14.1R8-S5, 14.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2X75 jusqu'aux versions 18.2X75-D5 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S9, 17.1R3 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 versions jusqu'aux versions 14.2R4 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 et supérieures, incluant 15.1F6-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R3 sur QFX5000 et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53-D67 sur QFX10000 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R4 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R1-S4 17.3R2-S2 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 versions jusqu'aux versions 14.1X53-D130 sur QFabric | ||
| Juniper Networks | N/A | Toutes les versions de Juniper Networks Junos Space Security Director jusqu'aux versions 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2X75 jusqu'aux versions 18.2X75-D20 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R4-S9, 15.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1F6 versions jusqu'aux versions 15.1F6-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2 et supérieures, incluant 18.2R1 jusqu'aux versions 18.2R1-S2, 18.2R1-S3, 18.2R2 sur toutes les modèles non-SRX et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 versions jusqu'aux versions 12.1X46-D7 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 jusqu'aux versions 17.2X75-D110, 17.2X75-D9 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R2-S7, 16.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 et supérieures, incluant 17.2R2-S4 jusqu'aux versions 17.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R2 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R3-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S7, 17.2R2-S6, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions jusqu'aux versions 12.3X48-D70 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53-D59 sur EX2300/EX340 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 versions jusqu'aux versions 12.1X46-D77 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 et supérieures, incluant 12.1X46-D76 jusqu'aux versions 12.1X46-D81 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R4-S9 15.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S11, 16.1R6-S6, 16.1R7-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 et supérieures, incluant 15.1X49-D131 jusqu'aux versions 15.1X49-D150 sur SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R1-S4, 17.3R2-S2, 17.3R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2 jusqu'aux versions 17.2R1-S6, 17.2R2-S4, 17.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 jusqu'aux versions 16.2R1-S6, 16.2R2-S6, 16.2R | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D471, 15.1X53-D490 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1R6-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D67 sur QFX10K | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1R4-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 jusqu'aux versions 15.1X53-D59 sur EX2300/EX3400 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 et supérieures, incluant 17.2X75-D100 jusqu'aux versions X17.2X75-D101, 17.2X75-D11 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 et supérieures, incluant 14.1X53-D115 jusqu'aux versions 14.1X53-D130 sur QFabric | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 jusqu'aux versions 16.1R4-S9, 16.1R6-S1, 16.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 jusqu'aux versions 17.2X75-D42 sur QFX5000 Series et EX460 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R4-S9 jusqu'aux versions 16.1R4-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.2X75 et supérieures, incluant 18.2X75-D5 jusqu'aux versions 18.2X75-D20 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D16 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 jusqu'aux versions 15.1X49-D30 sur vSR | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 jusqu'aux versions 17.1R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 et supérieures, incluant 16.1R5-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R3-S | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3 jusqu'aux versions 17.3R2-S4, 17.3R3-S1 sur MX | ||
| Juniper Networks | Junos OS | Junos OS versions 17.4 jusqu'aux versions 17.4R1-S | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2-S | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 jusqu'aux versions 15.1R4-S9, 15.1R6-S6, 15.1R | ||
| Juniper Networks | Junos OS | Junos OS versions 18.1 jusqu'aux versions 18.1R2-S3, 18.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53-D47 sur EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX510 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 et supérieures, incluant 16.2R1-S |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D14",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D131, 15.1X49-D140 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 7.2X75 jusqu\u0027aux versions 17.2X75-D102, 17.2X75-D11",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S6, 17.2R2-S3, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions jusqu\u0027aux versions 12.3X48-D7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2 jusqu\u0027aux versions 18.2R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S3, 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S12, 16.1R6-S6 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 et sup\u00e9rieures, incluant 17.4R1-S3 jusqu\u0027aux versions 17.4R1-S5 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D233 sur QFX5200/QFX5110",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R1-S6 16.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7-S1 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S5 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1F",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S9, 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S9 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R1-S7 17.1R2-S6 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S7, 17.2R2-S6 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 sup\u00e9rieures, incluant 15.1X53-D233 jusqu\u0027aux versions 15.1X53-D235 sur QFX5200/QFX511",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3R12-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R2-S4, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D47 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R7 jusqu\u0027aux versions 16.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D48 sur QFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R6-S3 jusqu\u0027aux versions 16.1R6-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D471 15.1X53-D490 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 et sup\u00e9rieures, incluant 15.1R7 jusqu\u0027aux versions 15.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4R2 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X65 jusqu\u0027aux versions 16.1X65-D4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions jusqu\u0027aux versions 12.3X48-D75 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7-S2, 15.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 et sup\u00e9rieures, incluant 16.2R2-S5 jusqu\u0027aux versions 16.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R2-S7 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R2-S4, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R3-S9, 16.1R4-S9, 16.1R5-S4, 16.1R6-S4, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R1-S5, 17.3R2-S2, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3 versions jusqu\u0027aux versions 12.3R12-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S5, 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 et sup\u00e9rieures, incluant 18.1R2 jusqu\u0027aux versions 18.1R2-S3, 18.1R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D130 sur QFabric",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D233 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R3 sur QFX5000 et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D235, 15.1X53-D49",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2 sur QFX5000 Series et EX4600",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 15.1X53 et 15.1X53-D471 jusqu\u0027aux versions 15.1X53-D590 sur NFX150, NFX25",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3R3 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R2-S6, 17.2R3 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 et sup\u00e9rieures, incluant 17.1R2-S7 jusqu\u0027aux versions 17.1R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R3-S8 16.1R4-S8 16.1R5-S4 16.1R6-S4 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R7 sur QFX5000 et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 et sup\u00e9rieures, incluant 17.3R1-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S12, 16.1R7-S2, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space Network Management Platform jusqu\u0027aux versions 18.2R",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 et sup\u00e9rieures, incluant 17.3R2-S2 jusqu\u0027aux versions 17.3R2-S4 sur All non-SRX Series et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R2-S2, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S3 17.4R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S7, 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 et sup\u00e9rieures, incluant 12.3X48-D66 jusqu\u0027aux versions 12.3X48-D75 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 jusqu\u0027aux versions 17.2X75-D100 17.2X75-D42 17.2X75-D9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 versions jusqu\u0027aux versions 14.1X53-D47 sur QFX/EX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7, 15.1R8 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R1-S7, 17.1R2-S7, 17.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D140 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 versions jusqu\u0027aux versions 14.1R8-S5, 14.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2X75 jusqu\u0027aux versions 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S9, 17.1R3 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 versions jusqu\u0027aux versions 14.2R4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 et sup\u00e9rieures, incluant 15.1F6-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R3 sur QFX5000 et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53-D67 sur QFX10000",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R4 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R1-S4 17.3R2-S2 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 versions jusqu\u0027aux versions 14.1X53-D130 sur QFabric",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Toutes les versions de Juniper Networks Junos Space Security Director jusqu\u0027aux versions 17.2R",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2X75 jusqu\u0027aux versions 18.2X75-D20",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R4-S9, 15.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1F6 versions jusqu\u0027aux versions 15.1F6-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2 et sup\u00e9rieures, incluant 18.2R1 jusqu\u0027aux versions 18.2R1-S2, 18.2R1-S3, 18.2R2 sur toutes les mod\u00e8les non-SRX et SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 versions jusqu\u0027aux versions 12.1X46-D7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 jusqu\u0027aux versions 17.2X75-D110, 17.2X75-D9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R2-S7, 16.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 et sup\u00e9rieures, incluant 17.2R2-S4 jusqu\u0027aux versions 17.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R2 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R3-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S7, 17.2R2-S6, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions jusqu\u0027aux versions 12.3X48-D70 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53-D59 sur EX2300/EX340",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 versions jusqu\u0027aux versions 12.1X46-D77 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 et sup\u00e9rieures, incluant 12.1X46-D76 jusqu\u0027aux versions 12.1X46-D81 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R4-S9 15.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S11, 16.1R6-S6, 16.1R7-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 et sup\u00e9rieures, incluant 15.1X49-D131 jusqu\u0027aux versions 15.1X49-D150 sur SRX100, SRX110, SRX210, SRX220, SRX240m, SRX550m SRX650, SRX300, SRX320, SRX340, SRX345, SRX1500, SRX4100, SRX4200, SRX4600 et vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R1-S4, 17.3R2-S2, 17.3R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2 jusqu\u0027aux versions 17.2R1-S6, 17.2R2-S4, 17.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 jusqu\u0027aux versions 16.2R1-S6, 16.2R2-S6, 16.2R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D471, 15.1X53-D490 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1R6-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D67 sur QFX10K",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1R4-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 jusqu\u0027aux versions 15.1X53-D59 sur EX2300/EX3400",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 et sup\u00e9rieures, incluant 17.2X75-D100 jusqu\u0027aux versions X17.2X75-D101, 17.2X75-D11",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 et sup\u00e9rieures, incluant 14.1X53-D115 jusqu\u0027aux versions 14.1X53-D130 sur QFabric",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 jusqu\u0027aux versions 16.1R4-S9, 16.1R6-S1, 16.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 jusqu\u0027aux versions 17.2X75-D42 sur QFX5000 Series et EX460",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R4-S9 jusqu\u0027aux versions 16.1R4-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.2X75 et sup\u00e9rieures, incluant 18.2X75-D5 jusqu\u0027aux versions 18.2X75-D20",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D16",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 jusqu\u0027aux versions 15.1X49-D30 sur vSR",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 jusqu\u0027aux versions 17.1R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 et sup\u00e9rieures, incluant 16.1R5-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R3-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3 jusqu\u0027aux versions 17.3R2-S4, 17.3R3-S1 sur MX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.4 jusqu\u0027aux versions 17.4R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 jusqu\u0027aux versions 15.1R4-S9, 15.1R6-S6, 15.1R",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.1 jusqu\u0027aux versions 18.1R2-S3, 18.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53-D47 sur EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX510",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 et sup\u00e9rieures, incluant 16.2R1-S",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-0056",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0056"
},
{
"name": "CVE-2018-0043",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0043"
},
{
"name": "CVE-2016-10011",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10011"
},
{
"name": "CVE-2018-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0045"
},
{
"name": "CVE-2018-0049",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0049"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2018-0044",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0044"
},
{
"name": "CVE-2018-0055",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0055"
},
{
"name": "CVE-2018-0046",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0046"
},
{
"name": "CVE-2018-0053",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0053"
},
{
"name": "CVE-2017-15906",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15906"
},
{
"name": "CVE-2016-10010",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10010"
},
{
"name": "CVE-2018-0054",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0054"
},
{
"name": "CVE-2018-0052",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0052"
},
{
"name": "CVE-2018-0051",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0051"
},
{
"name": "CVE-2018-0047",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0047"
},
{
"name": "CVE-2016-10012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10012"
},
{
"name": "CVE-2018-0057",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0057"
},
{
"name": "CVE-2018-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0050"
},
{
"name": "CVE-2018-0048",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0048"
}
],
"initial_release_date": "2018-10-11T00:00:00",
"last_revision_date": "2018-10-11T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-487",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-10-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10883 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10883\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10892 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10892\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10882 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10882\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10880 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10880\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10889 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10889\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10884 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10884\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10890 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10890\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10881 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10881\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10886 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10886\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10879 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10879\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10878 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10878\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10887 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10887\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10885 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10885\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10877 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10877\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10888 du 10 octobre 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10888\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
FKIE_CVE-2018-0050
Vulnerability from fkie_nvd - Published: 2018-10-10 18:29 - Updated: 2024-11-21 03:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | http://www.securityfocus.com/bid/106206 | Third Party Advisory | |
| sirt@juniper.net | http://www.securitytracker.com/id/1041851 | Third Party Advisory, VDB Entry | |
| sirt@juniper.net | https://kb.juniper.net/JSA10884 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106206 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041851 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10884 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.1x53 | |
| juniper | junos | 14.2 | |
| juniper | junos | 14.2 | |
| juniper | junos | 14.2 | |
| juniper | junos | 14.2 | |
| juniper | junos | 14.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "25E5D543-D779-482D-AA8A-6E77C1949FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1:r9:*:*:*:*:*:*",
"matchCriteriaId": "8A76DAC5-AEC4-47E8-9876-71EE5BAD73E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
"matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d121:*:*:*:*:*:*",
"matchCriteriaId": "1E87AF59-23AC-4CE2-98AE-41849D643A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
"matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
"matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
"matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
"matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
"matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
"matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
"matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
"matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*",
"matchCriteriaId": "39427B97-EB80-46BE-A5D0-90CCEC1DD207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*",
"matchCriteriaId": "131CBAB6-8222-4CDC-AEC8-8AD1AD507C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*",
"matchCriteriaId": "81BEA7EA-FF95-425B-9245-21927E1F30C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
"matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
"matchCriteriaId": "9A3CB6CF-A22B-43F8-8E92-6268BBF7E644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*",
"matchCriteriaId": "E77B6650-6316-41D1-9EA3-4429DD972628",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
"matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d121:*:*:*:*:*:*",
"matchCriteriaId": "1E87AF59-23AC-4CE2-98AE-41849D643A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
"matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
"matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
"matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
"matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
"matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
"matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
"matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
"matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*",
"matchCriteriaId": "39427B97-EB80-46BE-A5D0-90CCEC1DD207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*",
"matchCriteriaId": "131CBAB6-8222-4CDC-AEC8-8AD1AD507C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*",
"matchCriteriaId": "81BEA7EA-FF95-425B-9245-21927E1F30C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
"matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
"matchCriteriaId": "9A3CB6CF-A22B-43F8-8E92-6268BBF7E644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*",
"matchCriteriaId": "E77B6650-6316-41D1-9EA3-4429DD972628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d48:*:*:*:*:*:*",
"matchCriteriaId": "E03E379C-BC08-4FB7-9C01-41F75DFD281F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D59449C6-5BD5-4C07-AEF6-EEBC70D9C4C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "79149AA0-17D1-4522-894F-C025F7A30FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "30726286-7CB1-4E5D-AE44-2B4D84795900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "33BE028F-2961-414A-9D42-C4861566C2DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic."
},
{
"lang": "es",
"value": "Una vulnerabilidad de manejo de errores en el RPD (Routing Protocols Daemon) de Juniper Networks Junos OS permite que un atacante provoque el cierre inesperado de RPD. La recepci\u00f3n continuada de este paquete MPLS RSVP mal formado provocar\u00e1 una condici\u00f3n sostenida de denegaci\u00f3n de servicio (DoS). Las versiones afectadas de Juniper Networks Junos OS son: 14.1 en versiones anteriores a la 14.1R8-S5, 14.1R9; 14.1X53 en versiones anteriores a la 14.1X53-D48 en QFX Switching; 14.2 en versiones anteriores a la 14.1X53-D130 en QFabric System; 14.2 en versiones anteriores a la 14.2R4. Este problema no afecta a las versiones de Junos OS anteriores a la 14.1R1. Junos OS RSVP solo soporta el protocolo IPv4. IPv6 no se ha visto afectado por este problema. Este problema requiere que se reciba en una interfaz configurada para recibir este tipo de tr\u00e1fico."
}
],
"id": "CVE-2018-0050",
"lastModified": "2024-11-21T03:37:26.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-10T18:29:02.203",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106206"
},
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041851"
},
{
"source": "sirt@juniper.net",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10884"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-0050
Vulnerability from fstec - Published: 10.10.2018
VLAI Severity ?
Title
Уязвимость обработчика ошибок сервиса Routing Protocols Daemon (RPD) операционной системы JunOS, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость обработчика ошибок сервиса Routing Protocols Daemon (RPD) операционной системы JunOS связана с ошибками освобождения ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании c помощью специально сформированного MPLS RSVP пакета
Severity ?
Vendor
Juniper Networks Inc.
Software Name
JunOS
Software Version
до 14.1R9 (JunOS), до 14.1R8-S5 (JunOS), до 14.1X53-D48 (JunOS), до 14.1X53-D130 (JunOS), до 14.2R4 (JunOS)
Possible Mitigations
Использование рекомендаций:
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10884&actp=METADATA
Reference
http://www.securitytracker.com/id/1041851
https://kb.juniper.net/JSA10884
CWE
CWE-404
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Juniper Networks Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 14.1R9 (JunOS), \u0434\u043e 14.1R8-S5 (JunOS), \u0434\u043e 14.1X53-D48 (JunOS), \u0434\u043e 14.1X53-D130 (JunOS), \u0434\u043e 14.2R4 (JunOS)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10884\u0026actp=METADATA",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.10.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.06.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.11.2018",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2018-01351",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-0050",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "JunOS",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Juniper Networks Inc. JunOS \u0434\u043e 14.1R9 , Juniper Networks Inc. JunOS \u0434\u043e 14.1R8-S5 , Juniper Networks Inc. JunOS \u0434\u043e 14.1X53-D48 QFX Switching, Juniper Networks Inc. JunOS \u0434\u043e 14.1X53-D130 QFabric System, Juniper Networks Inc. JunOS \u0434\u043e 14.2R4 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 \u043e\u0448\u0438\u0431\u043e\u043a \u0441\u0435\u0440\u0432\u0438\u0441\u0430 Routing Protocols Daemon (RPD) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b JunOS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0437\u0430\u0447\u0438\u0441\u0442\u043a\u0430 \u0438\u043b\u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 (CWE-404)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430 \u043e\u0448\u0438\u0431\u043e\u043a \u0441\u0435\u0440\u0432\u0438\u0441\u0430 Routing Protocols Daemon (RPD) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b JunOS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 c \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e MPLS RSVP \u043f\u0430\u043a\u0435\u0442\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.securitytracker.com/id/1041851 \nhttps://kb.juniper.net/JSA10884",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-404",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
GHSA-HMCW-Q8V8-4633
Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2022-05-13 01:35
VLAI?
Details
An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.
Severity ?
5.9 (Medium)
{
"affected": [],
"aliases": [
"CVE-2018-0050"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-10-10T18:29:00Z",
"severity": "MODERATE"
},
"details": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.",
"id": "GHSA-hmcw-q8v8-4633",
"modified": "2022-05-13T01:35:55Z",
"published": "2022-05-13T01:35:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0050"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10884"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106206"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041851"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-0050
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-0050",
"description": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.",
"id": "GSD-2018-0050"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-0050"
],
"details": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic.",
"id": "GSD-2018-0050",
"modified": "2023-12-13T01:22:24.943752Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
"ID": "CVE-2018-0050",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Receipt of a malformed MPLS RSVP packet leads to a Routing Protocols Daemon (RPD) crash."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_name": "14.1",
"version_value": "14.1R8-S5, 14.1R9"
},
{
"affected": "\u003c",
"platform": "QFX Switching",
"version_name": "14.1X53",
"version_value": "14.1X53-D48"
},
{
"affected": "\u003c",
"platform": "QFabric System",
"version_name": "14.2",
"version_value": "14.1X53-D130"
},
{
"affected": "\u003c",
"version_name": "14.2",
"version_value": "14.2R4"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "The following minimal protocols configurations are required:\n\n [protocols rsvp]\n [protocols mpls interface]\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Error Handling\n"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041851",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041851"
},
{
"name": "https://kb.juniper.net/JSA10884",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10884"
},
{
"name": "106206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106206"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 14.1R8-S5, 14.1R9, 14.1X53-D130, 14.1X53-D48, 14.2R4, 15.1R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10884",
"defect": [
"1087100"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Remove MPLS configuration stanzas from interface configurations that are at risk.\nNo other workarounds exist for this issue. "
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d121:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d121:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d48:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.2:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:14.2:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2018-0050"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D48 on QFX Switching; 14.2 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4. This issue does not affect versions of Junos OS before 14.1R1. Junos OS RSVP only supports IPv4. IPv6 is not affected by this issue. This issue require it to be received on an interface configured to receive this type of traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10884",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10884"
},
{
"name": "1041851",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041851"
},
{
"name": "106206",
"refsource": "BID",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106206"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-09T23:31Z",
"publishedDate": "2018-10-10T18:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…