All the vulnerabilites related to juniper - csrx
Vulnerability from fkie_nvd
Published
2021-07-15 20:15
Modified
2024-11-21 05:42
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show interfaces <> extensive" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA11191 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA11191 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01888A41-DD62-42C3-ADDB-9F98933D7D2C",
"versionEndExcluding": "15.1",
"versionStartIncluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D00050D6-179F-44CA-81BF-0D62A3764DF7",
"versionEndExcluding": "18.4",
"versionStartIncluding": "15.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:5.6:r1:*:*:*:*:*:*",
"matchCriteriaId": "97AFB83A-B200-48DA-B976-E170BB1AB752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
"matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
"matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
"matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
"matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "D59D7A31-128B-4034-862B-8EF3CE3EE949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "0C5E097B-B79E-4E6A-9291-C8CB9674FED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "819FA3ED-F934-4B20-BC0E-D638ACCB7787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "3D7D773A-4988-4D7C-A105-1885EBE14426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "1BD93674-9375-493E-BD6C-8AD41CC75DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "34E28FD9-1089-42F7-8586-876DBEC965DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "B7E72C49-1849-4A6F-81BC-D03F06D47D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "541535BD-20DC-4489-91A7-F6CBC6802352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*",
"matchCriteriaId": "924C4EAC-2A52-45A9-BE0F-B62F070C3E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "736B7A9F-E237-45AF-A6D6-84412475F481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "62E63730-F697-4FE6-936B-FD9B4F22EAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "064A7052-4EF5-4BFB-88FF-8122AEECB6A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "08C58CCB-3BAA-4400-B371-556DF46DE69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "28F7740D-C636-4FA3-8479-E5E039041DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "81F6DEA3-F07E-4FD0-87CB-4E8C0B768706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "2C1601BB-CAB7-4C92-8416-1824BB85D820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "14FC491D-8DA8-4E79-A9A6-3629E41C847A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "44C4BE2C-814F-49AA-8B64-17245FC01270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "758275F3-9457-45A2-8F57-65DCD659FC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "B46CB928-78B5-4D60-B747-9A0988C7060D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:acx1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF19CB03-4A42-48BC-A6E1-A6F56D40F422",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "648CB4A2-05FA-4445-BB4F-F9285A8E8A5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90339191-4DE3-4116-8CEC-C5440D063CEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx2100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F5683A-7DCC-4691-AD3A-F2B66684DA9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "154658D0-FE3E-43C1-8A4D-CAF67C9BCD98",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76E2CDA9-2379-482C-B509-D527AFE2C7D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36729286-5080-47E8-A961-976BF64F5A93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C398D8D-AD15-422C-90DE-2EAD9B9A7DF4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5048:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8DB691-C9F4-4084-8563-642A2F63DA86",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5096:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44B58F51-4F0D-40BD-A90F-226A26F4646E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D013356B-A9FE-4301-BFEB-0D5B1AB3541D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5448:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB7B849-D1D4-46F3-B502-5D84C5E7C3B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0730C3-5846-43E9-A9BD-8AEED356A959",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6655453A-D027-41A3-B1E9-D40A5220E4CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx6360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58626682-A25D-46B6-B2B3-493772FFBA11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:acx710:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3484A2-C7E4-43D1-9D47-08C531185C67",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:atp400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A96949A-031D-4E05-8915-1A6D6BE645E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:atp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29D8A7A3-2DFB-4752-8509-451247A1D5D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ctp150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2DDF73E-3892-4CEF-A184-F337A8406A82",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ctp2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F92815F-B287-4A00-8D15-B44B9B0CB551",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ctp2024:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22D4B48C-CA58-4FA0-B31B-4ED7D96F7D79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ctp2056:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D82E84B-2B79-47DE-9033-B6711382CE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:dx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6C49E-3AB5-4688-8BD7-0F9C274021F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:dx:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FF678F5C-F375-475C-BBEC-A4FC5F94AEFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex_rps:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42877394-A0A1-4136-A1D3-D287BFCC85E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D4F71-8476-4F0D-A976-A308D6483D6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BD5636-93D5-4C06-964F-00055DF6B2B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2200-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D066A90D-F7F2-4EA5-8F0C-D0E189DDB05D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "979C3597-C53B-4F4B-9EA7-126DA036C86D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62A536DA-5A57-4255-AB22-F99F8B7FF62A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex3300-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32B9B26-8BF0-4C56-A9BF-D9BBAEA50506",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4200-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F54ADF-7C13-4AA6-B61E-627D4DBB1CF3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEA4BC3-093F-4DE6-BED1-2C7D2FC2C8A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-24p-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "592377CC-4044-4FDD-A3DF-CBF25754EE4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-24t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D12E8275-EF6B-44F9-A7D8-A769CDB5EED5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-24t-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E63215-246E-49F3-A537-8A90D512DAB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-32f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1A5E69-928A-41A0-8B9B-91F307D99854",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-32f-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B71953D-016D-4E72-B598-55667A507681",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-32f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CABBC37B-EB93-424D-A1E7-4686039C0955",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24526B69-E3E3-4249-80A4-A886BED5C07E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48mp-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2209605-65B6-44B3-9700-9EC543BF2408",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C348CF-65C1-4A53-8F4F-99B5A4113679",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48p-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60CB5F91-DC40-4D09-BB93-4539B8581877",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE8EB69-95DD-44E9-80A6-F2B5E34BBD5B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48t-afi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEEDB14F-E74A-4C48-A969-1D22D7F7C7C8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48t-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE3866E-109E-479F-9FFE-3F6E81C0DE7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A17D793-5F01-4818-956D-D6BC5A6C4CEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48t-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4C3E8E-C8B4-42A5-8DB6-7E8114FCC030",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48tafi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77AF34EC-A154-4042-BE0B-B2BA9EEDEE93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48tdc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FD3D9F-B49C-48EC-8AE1-FE3B399809DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-48tdc-afi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10DC1840-7409-4BD0-9522-B55B1166CF9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-mp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EECCB3-37B3-4146-8F8C-4BBFF84499E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303ADB06-5CB5-44DA-8387-39FACC539EF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F07B0E0B-D2F2-4CF1-A8EA-A1E8DE83BBB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B43F6CB-0595-4957-8B3B-ADD4EA84D8C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4500-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D842407-7A13-47C7-BBC9-FB0E978221CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4550-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B84C72A-C314-46FB-8DD8-1DF29C6C4B0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4550\\/vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3612D798-7A5F-4068-A5A2-92173893450E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4600-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3ECB975-D1A0-4318-9C5E-752A3C98F76F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CC1C89-B37F-4C5F-9F79-12997C79711D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71FF88C7-89CB-4E04-BADA-AD64F8060C6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex8200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE829C-325D-4E66-A6A2-A81BE8BCAB72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex8200-vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B74B12A6-1CE2-4293-ABA5-E3F23E15485C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72E67A5A-0DFF-42D9-81A7-570E9BCA463D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B51C5371-51E9-40AE-8619-BC1267DD1D08",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D08A8D94-134A-41E7-8396-70D8B0735E9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8790B456-DFC7-4E82-9A0C-C89787139B79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCB1E61-07A1-40B0-B616-F1A6E06D11C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
"matchCriteriaId": "079290E9-DCC5-43F7-9480-64874DBF2696",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:fips_infranet_controller_6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B171E2-3E7D-42CE-8F16-0C232222EC63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80CC7A54-95DD-4C60-8A99-21F800616784",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B68C4310-771E-4E8F-9C62-6EBE233FCB92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55331F37-6F9B-48A8-BBB3-BE9EBF4C2B3D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "528028F3-3F3F-4354-A1D7-2EF66BA27CEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:gfx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1587D9-B2C4-48E6-889E-D4AFB7154E47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:idp250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A5EAF5-4E2C-4A5C-A4B8-6370490136AC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:idp75:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD39F3D-8DD7-48DA-A8C2-543B8B05E50F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:idp800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "567C7544-3C8B-468B-A2A1-0750B4623EA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:idp8200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC3940A-9974-48AC-BEA6-66F1DC8D91DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:infranet_controller_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D39E3026-7E64-4201-8801-5138C52EA3BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:infranet_controller_4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1220A6C-A397-4BDD-A7D1-BF16BC35CE4A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:infranet_controller_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3D3E-6859-4E6D-AF61-D58D26C78E65",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:infranet_controller_6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4384E5A3-9D09-4340-943A-BB3408D85B8D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:jatp:400:*:*:*:*:*:*:*",
"matchCriteriaId": "A5723E51-E41D-4CBC-B433-C5D0845711C7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:jatp:700:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC93060-DCEA-4181-A38B-653FB165D2C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:junos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA2466C-D443-4A63-AA4F-1AE4EE5DA02A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja1500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58939FC-742F-4A93-8977-6953B32E6817",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:junos_space_ja2500_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D76C2611-F434-496C-8E30-4FA927223B81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ln1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19C2C35E-BE56-436B-A917-95B8C0BD6B41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ln2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F11EE2D8-262D-44EC-B6A4-005C96AD5D06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:m10i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10374BF7-2AD3-483F-B3C1-950076934866",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:m120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5FB57F2-6135-49FF-8D33-13B55F7020CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:m320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA6BB73-A778-414B-8A92-6CB6886A32D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:m7i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF6048CF-0BE2-4016-A95E-34799796014C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE557B9-DF6D-4C20-98BE-E934D187CCFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB174F88-B643-4338-BCD6-A9CD0EDB54A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "115C8834-8BD1-4561-8B98-AE29E3B9C1C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54C5F933-61BB-40EA-9ADC-C22CFE8F9D1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72952BFC-45B9-4379-8D9A-A10132CC34EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A658500D-84C8-4F33-9AD3-2DF76DC41459",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2B4E7A-30F3-488E-A685-7CBF998C7E9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-5gt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCCC02F-48ED-469D-808A-B17810A6E5C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-5gt:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A482DFA5-4108-4B0F-BD8E-04FEB52D3537",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B97B63E-CE45-4DF9-9838-D9CE96CECE72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp:3.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5F6D51-15B0-449D-9418-8C4C7A1E1D7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp:3.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "C696E607-0927-4087-A437-9C5459EB8BE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C332A8-746C-4FC8-84E3-D67C8C3D377A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6C2728-2D68-498A-A6F1-39DBEFABB1B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44AF925F-DF8C-456E-A61E-E94C5CED5A7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5D2B14-E517-4229-BB16-A1B8E5436959",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:nfx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "322C5D3F-ADE3-417D-9355-187C9648ED1D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:nfx150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9AE81FA-B0F3-4F0B-A2D1-2BB590345058",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:nfx250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB08A27-7777-4538-ADC4-9D2F89963C13",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:nfx350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56048-A486-4A46-B438-CC3084BD9CB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:nsm3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD754FD-CC22-47BA-A2A7-4835CC8E55E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:nsmexpress:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5B7D06-3E72-49C1-9ABA-7BD68860C1F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ocx1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290BA886-8174-4F62-A72C-D50BFDB7FDA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6DF99D-E438-4943-BC32-F2821E72AE0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx1000-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B219F54A-4474-48CB-80F1-D988A719C3DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "249F6266-4ED6-4464-9347-9322E1481D0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDCCB33-D428-4D64-977E-71C62F89AE5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10001-36mr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C188428C-0558-44FB-845C-E885DE9A0733",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx100016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37F94757-34CE-4F88-A6D3-544FE6A476D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82B22AC2-B794-4F12-9EB3-9AA6E4B19831",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10002-60c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5462DF-5CF1-4DF9-989B-622EA734964F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD05415-9F94-4EB8-805A-C9C0FFA9D0DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10003_160c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E88A41-B158-4A66-9DFD-438931C6BE68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10003_80c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C97FFB5-8755-474B-ABCF-98DC7659208E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10003_81cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAECB1BF-0F3A-4AD9-AF6B-E54A13D9D804",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C432E543-37F5-4CA0-B239-2B97C6A16907",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A64A26-4606-4D33-8958-5A3B7FFC4CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1879799F-18B2-4958-AA90-FD19348C889F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "516476F9-7D4C-494F-99AA-750F4467CD15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "654140A0-FEC0-4DB4-83BF-ECCB000DFA4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF2039C-E08C-472F-82E6-DAD3F94724B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10002-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E59530-3262-4BDC-915C-0B8D2EED7784",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10002-60c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "626CA614-72D4-4A8B-9C38-275C7A7F8D85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10002-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FF30F4-3D10-4AD6-9643-5826A11C7629",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3000-g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79C98F71-042D-412D-8064-FF8E27CAB9D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3000-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3110C458-EFBA-4221-9417-015B7D5874C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3008-i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0727FD0-F5A2-4156-BBDB-F4AE6E6F1B89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "858482CF-E310-4F6C-8ECC-C9BFBA3E1EC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3600-i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F6C1E3-9390-4E06-AA62-02C99447FDB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5100-96s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD0F680-ED30-48F3-A5D9-988D510CFC0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB58A6E9-FFCF-4331-AC3B-45C37BD1943E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5200-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D790AD-D00F-4FED-96FE-3046C827356B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5200-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD9AD5C-947D-41EF-9969-FCCEB144984F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5210-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B86047DE-A0A0-4698-9414-B66C0FA7B544",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D193BEBD-9436-468D-B89E-D5720603451D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:router_m10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F5BF9C1-F81A-487F-A748-94D6FFFEE454",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:router_m16:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD2B717B-9637-4FA3-9361-315941D95BEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:router_m20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA345A17-CB56-4252-AC1E-EDF2F91A80FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:router_m40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0960F82-AF63-4047-BB4A-44BC4A4E4B3F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:router_m5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "493A0970-104C-4485-8067-973931CD6067",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:secure_access_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF6B885A-5C17-4928-A1B9-4A729F277F4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82E5E8BD-68B9-4C94-A1F0-3F5C3EC7620A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:secure_access_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6A2465-451A-436A-89C1-94424A0C4AB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "641091CF-F671-4AD7-B10F-E50497AC462B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:secure_access_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "501D212B-D846-4D43-B6D8-F01C2483AB64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:secure_access_6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "075FD895-451D-4959-9A73-94F5BB1853E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42FB27DD-D685-4D5E-8DAF-7A34DE33AB59",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:t1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6E6B57-BFF3-4AD2-979A-B2C4FD9F138E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:t320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B52F913-266E-44CB-BFA3-85AC9D55FF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:t4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B57FF1-D4F8-4E28-95A7-2D29DF65D825",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:t640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CCEFE5-F37B-482D-8670-DA40EFBB7E42",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:xre200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5542E06B-EC81-47A8-AB09-55DBE0560D1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
"matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
"matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
"matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
"matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "D59D7A31-128B-4034-862B-8EF3CE3EE949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "0C5E097B-B79E-4E6A-9291-C8CB9674FED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "819FA3ED-F934-4B20-BC0E-D638ACCB7787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "3D7D773A-4988-4D7C-A105-1885EBE14426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "1BD93674-9375-493E-BD6C-8AD41CC75DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "34E28FD9-1089-42F7-8586-876DBEC965DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "B7E72C49-1849-4A6F-81BC-D03F06D47D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "541535BD-20DC-4489-91A7-F6CBC6802352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*",
"matchCriteriaId": "924C4EAC-2A52-45A9-BE0F-B62F070C3E3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "736B7A9F-E237-45AF-A6D6-84412475F481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "62E63730-F697-4FE6-936B-FD9B4F22EAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "064A7052-4EF5-4BFB-88FF-8122AEECB6A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "08C58CCB-3BAA-4400-B371-556DF46DE69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "28F7740D-C636-4FA3-8479-E5E039041DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "81F6DEA3-F07E-4FD0-87CB-4E8C0B768706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "2C1601BB-CAB7-4C92-8416-1824BB85D820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "14FC491D-8DA8-4E79-A9A6-3629E41C847A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "44C4BE2C-814F-49AA-8B64-17245FC01270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "758275F3-9457-45A2-8F57-65DCD659FC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "B46CB928-78B5-4D60-B747-9A0988C7060D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0886EFA6-47E3-4C1D-A278-D3891A487FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command \"show interfaces \u003c\u003e extensive\" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved."
},
{
"lang": "es",
"value": "Cuando se configura y aplica el ARP Policer definido por el usuario en una o m\u00e1s unidades de interfaz de Ethernet Agregada (AE), una vulnerabilidad de condici\u00f3n de carrera de tipo Time-of-check Time-of-use (TOCTOU) entre los demonios Device Control Daemon (DCD) y el proceso de firewall (dfwd) de Juniper Networks Junos OS permite a un atacante omitir el ARP Policer definido por el usuario. En este caso concreto, el ARP policer de usuario se sustituye por el ARP policer predeterminado. Para revisar los ARP Policers deseados y el estado real se puede ejecutar el comando \"show interfaces () extensive\" y revisar la salida. Vea m\u00e1s detalles a continuaci\u00f3n. Un ejemplo de salida es: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ ((( incorrecto si se aplic\u00f3 ARP Policer de usuario en una interfaz AE y se muestra el ARP Policer por defecto Policer: Input: jtac-arp-ae5.317-inet-arp ((( correcto si se aplic\u00f3 ARP Policer de usuario en una interfaz AE Para todas las plataformas, excepto la serie SRX: Este problema afecta a Juniper Networks Junos OS: Todas las versiones 5.6R1 y todas las versiones posteriores, anteriores a 18.4 versiones anteriores a 18.4R2-S9, 18.4R3-S9 con la excepci\u00f3n de las versiones 15.1 15.1R7-S10 y posteriores; las versiones 19.4 anteriores a 19.4R3-S3; las versiones 20.1 anteriores a 20. 1R3; versiones 20.2 anteriores a 20.2R3-S2; 20.3 versi\u00f3n 20.3R1 y versiones posteriores; 20.4 versiones anteriores a 20.4R3; 21.1 versiones anteriores a 21.1R2; Este problema no afecta a versiones de Junos OS anteriores a 5.6R1. En la serie SRX, este problema afecta a Juniper Networks Junos OS: 18.4 versiones anteriores a 18.4R2-S9, 18.4R3-S9; 19.4 versiones anteriores a 19.4R3-S4; versiones 20.1 anteriores a 20.1R3; versiones 20.2 anteriores a 20.2R3-S2; 20.3 versi\u00f3n 20.3R1 y posteriores; 20.4 versiones anteriores a 20.4R3; 21.1 versiones anteriores a 21.1R2. Este problema no afecta a las versiones 18.4 anteriores a 18.4R1 en la serie SRX. Este problema no afecta a Junos OS Evolved"
}
],
"id": "CVE-2021-0289",
"lastModified": "2024-11-21T05:42:24.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-15T20:15:10.563",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA11191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA11191"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA10956 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10956 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | junos | 12.3x48 | |
| juniper | csrx | - | |
| juniper | srx100 | - | |
| juniper | srx110 | - | |
| juniper | srx1400 | - | |
| juniper | srx1500 | - | |
| juniper | srx210 | - | |
| juniper | srx220 | - | |
| juniper | srx240 | - | |
| juniper | srx300 | - | |
| juniper | srx320 | - | |
| juniper | srx340 | - | |
| juniper | srx3400 | - | |
| juniper | srx345 | - | |
| juniper | srx3600 | - | |
| juniper | srx4100 | - | |
| juniper | srx4200 | - | |
| juniper | srx4600 | - | |
| juniper | srx5400 | - | |
| juniper | srx550 | - | |
| juniper | srx550_hm | - | |
| juniper | srx5600 | - | |
| juniper | srx5800 | - | |
| juniper | srx650 | - | |
| juniper | vsrx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*",
"matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
"matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
"matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
"matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
"matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
"matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
"matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
"matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
"matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
"matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*",
"matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*",
"matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*",
"matchCriteriaId": "1F87EF0D-E609-4D4A-B228-CEF05C753E68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el subsistema Veriexec de Juniper Networks Junos OS, permite a un atacante comprometer completamente el sistema host. Un usuario autenticado local puede elevar los privilegios para conseguir el control total del sistema, incluso si se le niega espec\u00edficamente el acceso para realizar determinadas acciones. Este problema afecta: Juniper Networks Junos OS: versiones 12.3X48 anteriores a 12.3X48-D80 en la serie SRX."
}
],
"id": "CVE-2019-0058",
"lastModified": "2024-11-21T04:16:09.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:16.787",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10956"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1F6-S13, 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S5; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA10961 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10961 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:-:*:*:*:*:*:*",
"matchCriteriaId": "223C12D0-61A0-4C12-8AFC-A0CB64759A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r11:*:*:*:*:*:*",
"matchCriteriaId": "F0DD051A-E486-4A9D-A978-A5A980AAF237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r12:*:*:*:*:*:*",
"matchCriteriaId": "D4ED9ACC-B6BA-4128-8934-759BB9EC904F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s13:*:*:*:*:*:*",
"matchCriteriaId": "BACE640C-9ED9-4976-9083-DEEBDDAA5516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r12-s14:*:*:*:*:*:*",
"matchCriteriaId": "9813A1FF-9AB3-46C0-BD65-5462E2942FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
"matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
"matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*",
"matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*",
"matchCriteriaId": "3C240840-A6BC-4E3D-A60D-22F08E67E2B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r8:*:*:*:*:*:*",
"matchCriteriaId": "CC90563F-6BCB-4D77-8FD4-584E3A6C7741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3:r9:*:*:*:*:*:*",
"matchCriteriaId": "5AD03BA7-D9EC-420F-97C4-383F79D6873F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3D4F71-8476-4F0D-A976-A308D6483D6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7BD5636-93D5-4C06-964F-00055DF6B2B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "979C3597-C53B-4F4B-9EA7-126DA036C86D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71FF88C7-89CB-4E04-BADA-AD64F8060C6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72E67A5A-0DFF-42D9-81A7-570E9BCA463D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B51C5371-51E9-40AE-8619-BC1267DD1D08",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8790B456-DFC7-4E82-9A0C-C89787139B79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
"matchCriteriaId": "079290E9-DCC5-43F7-9480-64874DBF2696",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*",
"matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
"matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
"matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
"matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
"matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
"matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
"matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
"matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
"matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
"matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*",
"matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*",
"matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*",
"matchCriteriaId": "1F87EF0D-E609-4D4A-B228-CEF05C753E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d80:*:*:*:*:*:*",
"matchCriteriaId": "4484081E-E2E9-4858-8960-144D820CF7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*",
"matchCriteriaId": "6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
"matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
"matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
"matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
"matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
"matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
"matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
"matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
"matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
"matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
"matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d48:*:*:*:*:*:*",
"matchCriteriaId": "E03E379C-BC08-4FB7-9C01-41F75DFD281F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d49:*:*:*:*:*:*",
"matchCriteriaId": "4B3F3C41-2677-4F6C-81DE-A9DD2CE27E8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "285CD1E5-C6D3-470A-8556-653AFF74D0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
"matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
"matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
"matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*",
"matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
"matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
"matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
"matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
"matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s3:*:*:*:*:*:*",
"matchCriteriaId": "CA0D028E-0B07-4CB2-863A-527806B9917C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4-s9:*:*:*:*:*:*",
"matchCriteriaId": "F8CD62D3-0894-426E-80A8-CEBCBD49810F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6-s6:*:*:*:*:*:*",
"matchCriteriaId": "C8257676-7AA7-4B39-A8F8-685843D0685B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r7-s1:*:*:*:*:*:*",
"matchCriteriaId": "33A3ECF9-AA4D-41F9-8441-1EB5F1DB882E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r7-s2:*:*:*:*:*:*",
"matchCriteriaId": "989D1170-C430-4117-8E3B-46D8B459DF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r7-s3:*:*:*:*:*:*",
"matchCriteriaId": "DB2FD851-BBB6-4D29-B933-1070564E0B50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
"matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
"matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
"matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
"matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
"matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
"matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*",
"matchCriteriaId": "080422D3-B508-4049-B558-4B04BF2E8AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:-:*:*:*:*:*:*",
"matchCriteriaId": "C9511DD0-D910-4C29-B0E3-8F9D0531F09C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
"matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
"matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
"matchCriteriaId": "BBD36C0D-0F44-4349-968D-4CD60F281D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*",
"matchCriteriaId": "1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
"matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d31:*:*:*:*:*:*",
"matchCriteriaId": "6F3ED4F6-483F-41DC-BBCF-3605641ACAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
"matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
"matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
"matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*",
"matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*",
"matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*",
"matchCriteriaId": "3978B35D-5745-47BC-A56F-A0678AB0F3E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
"matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
"matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
"matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
"matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
"matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*",
"matchCriteriaId": "88BAA95F-7CA2-46A0-8F60-588941AF3E44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:-:*:*:*:*:*:*",
"matchCriteriaId": "258A380C-1EA0-407D-B7E3-4A2E8820119C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r3-s10:*:*:*:*:*:*",
"matchCriteriaId": "07CD1E7C-24EA-46B7-964C-C78FF64AFAE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "6D3E38C1-808C-4BD3-993D-F30855F5390F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r5-s4:*:*:*:*:*:*",
"matchCriteriaId": "C88635DB-09B1-4DA1-8FC3-2F7A7E42819C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r6-s1:*:*:*:*:*:*",
"matchCriteriaId": "DF5A9D31-ED7D-4390-B46D-7E46089DB932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "6B4A4960-0241-4BF4-8857-8B7BE33466B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r7-s4:*:*:*:*:*:*",
"matchCriteriaId": "732A499C-9FAC-4307-B090-8971970B3EF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9677CE18-B955-432F-BA2B-AAE3D0CA0F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "84DD80BF-BF7E-447B-AA74-00B3D8036E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "57B89EEB-222D-46AA-BC8F-4EE7E17BA7B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "ECAE613D-1317-4D2E-8A61-980CD5DEAED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "BAB2D63C-C966-42CA-85A9-09820D00A2D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "5A7231C6-1CC4-4E7A-A317-5315246D2540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s8:*:*:*:*:*:*",
"matchCriteriaId": "B14E079B-4E8F-4DAC-85C7-ECC888EBD306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s9:*:*:*:*:*:*",
"matchCriteriaId": "35F7D583-44F3-41F0-829F-8C17DFCD4464",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CC9B5CDE-3A50-4CD3-962A-FA0989939F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "E34A149E-C2ED-4D86-A105-0A2775654AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4E0D42C4-9B4D-44F9-BC84-E7994404598B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s10:*:*:*:*:*:*",
"matchCriteriaId": "CC7A70CD-3A5E-4F01-8469-E5CD406BB04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "DE2C20D8-3C73-4B87-BA41-DBFBCA5FBA58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "54D887B4-D2F4-4537-8298-B98D01396F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "1C1B5AE6-A323-4744-BCA1-25E46D2D27BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "0AB39E2F-0D67-4FA6-84B8-36684E971002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "A32C3702-48DE-47CF-B0D1-3A629676AD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "B9695B3E-FCDA-4DF0-B714-8B4F87AA647D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "FA99E0A9-8C98-49A8-A248-A53E3B723A90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*",
"matchCriteriaId": "BCEE8D9C-6D64-4A9B-A74A-57A0BF4086C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "595987A6-D8CE-41ED-B51C-EF9CD3B47AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "CFA3526C-FF53-4823-B6AC-0BA91BFB532D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*",
"matchCriteriaId": "9689695F-53EB-4B35-9072-750E7282B011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s8:*:*:*:*:*:*",
"matchCriteriaId": "4F7CE683-5647-455B-936C-DF0D973A180A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "B87ECEAD-FD18-4252-8D46-F281DD4125AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "C6788EE2-B0DA-470E-B72E-E8D5CCFB5259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5FD8A8E1-201B-4E4E-8F69-23856E56AF60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "897850A3-2A27-483C-8266-E4547F1A4341",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
"matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "565AE6D8-28A9-4A62-A886-5BAB954695D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "488BB10A-1360-42E5-A68D-23D51B332850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "64988F0A-E02C-455B-99C9-4059C896416F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*",
"matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*",
"matchCriteriaId": "9D8A8E33-473A-4A40-A7B7-47086BB9012A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*",
"matchCriteriaId": "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "05060C06-18C1-40E8-AE01-385B036CC9AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "006EE425-A146-4E10-B050-7E754BB8402A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "2B482BCC-1F0C-47AA-B63B-1B39CEF7B2C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*",
"matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "C97683B3-A07B-428F-9535-C49B55305679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
"matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "74B99981-840F-4DAD-976A-5DAEFE9FB93D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*",
"matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
"matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
"matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1F6-S13, 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S5; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2."
},
{
"lang": "es",
"value": "Una vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en J-Web en Junos OS puede permitir a un atacante utilizar t\u00e9cnicas de ingenier\u00eda social para arreglar y secuestrar una sesi\u00f3n web de administradores de J-Web y potencialmente conseguir acceso administrativo al dispositivo. Este problema afecta a: Juniper Networks Junos OS versiones 12.3 anteriores a 12.3R12-S15 en la serie EX; versiones 12.3X48 anteriores a 12.3X48-D85 en la serie SRX; versiones 14.1X53 anteriores a 14.1X53-D51; versiones 15.1 anteriores a 15.1F6-S13, 15.1R7-S5; versiones 15.1X49 anteriores a 15.1X49-D180 en la serie SRX; versiones 15.1X53 anteriores a 15.1X53-D238; versiones 16.1 anteriores a 16.1R4-S13, 16.1R7-S5; versiones 16.2 anteriores a 16.2R2-S10; versiones 17.1 anteriores a 17.1R3-S1; versiones 17.2 anteriores a 17.2R2-S8, 17.2R3-S3; versiones 17.3 anteriores a 17.3R3-S5; versiones 17.4 anteriores a 17.4R2-S8, 17.4R3; versiones 18.1 anteriores a 18.1R3-S8; versiones 18.2 anteriores a 18.2R3; versiones 18.3 anteriores a 18.3R3; versiones 18.4 anteriores a 18.4R2; versiones 19.1 anteriores a 19.1R1-S2, 19.1R2."
}
],
"id": "CVE-2019-0062",
"lastModified": "2024-11-21T04:16:10.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:17.223",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10961"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. Affected releases are Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160; 17.3 versions prior to 17.3R3-S7 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA10976 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10976 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*",
"matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
"matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
"matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
"matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
"matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "565AE6D8-28A9-4A62-A886-5BAB954695D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "488BB10A-1360-42E5-A68D-23D51B332850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "64988F0A-E02C-455B-99C9-4059C896416F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "DC2ACA85-FA89-40F0-A2AD-778E1CB02A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "9F431D3D-5D55-45A9-98E8-00CB1D4C0196",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*",
"matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*",
"matchCriteriaId": "9D8A8E33-473A-4A40-A7B7-47086BB9012A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*",
"matchCriteriaId": "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "05060C06-18C1-40E8-AE01-385B036CC9AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "006EE425-A146-4E10-B050-7E754BB8402A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "2B482BCC-1F0C-47AA-B63B-1B39CEF7B2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "A636F9F2-2DA7-4A27-AD80-FD1B34DFCA94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "4EC7D216-D8F3-4ABD-97C9-4C9FB6DF64FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "5E327643-D8D8-4EFA-9F38-BA862A919501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*",
"matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "C97683B3-A07B-428F-9535-C49B55305679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "678F57D1-2595-4AF3-BB87-AF2E1FE3CBB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "7988CE92-71D2-4EEC-B596-4A60E2C1136A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "330D176F-8DAD-440C-A623-44FA233FAB01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
"matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*",
"matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. Affected releases are Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160; 17.3 versions prior to 17.3R3-S7 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R2."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso srxpfe en los dispositivos de la Serie SRX con Protocol Independent Multicast (PIM) habilitado, puede conllevar al bloqueo del proceso srxpfe y un reinicio de FPC durante el procesamiento de mensajes (PIM). La recepci\u00f3n sostenida de estos paquetes puede conllevar a una condici\u00f3n de denegaci\u00f3n de servicio extendida. Las versiones afectadas son Juniper Networks Junos OS en la serie SRX: versiones 12.3X48 anteriores a 12.3X48-D80; versiones 15.1X49 anteriores a 15.1X49-D160; versiones 17.3 anteriores a 17.3R3-S7, versiones 17.4 anteriores a 17.4R2-S8, 17.4R3; versiones 18.1 anteriores a 18.1R3-S8; versiones 18.2 anteriores a 18.2R2; versiones 18.3 anteriores a 18.3R2."
}
],
"id": "CVE-2019-0075",
"lastModified": "2024-11-21T04:16:12.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:18.520",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10976"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*",
"matchCriteriaId": "83AB8877-3DC0-4B8C-B864-1BF18C368337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
"matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
"matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
"matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*",
"matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
"matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
"matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
"matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
"matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s3:*:*:*:*:*:*",
"matchCriteriaId": "CA0D028E-0B07-4CB2-863A-527806B9917C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4-s9:*:*:*:*:*:*",
"matchCriteriaId": "F8CD62D3-0894-426E-80A8-CEBCBD49810F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6-s6:*:*:*:*:*:*",
"matchCriteriaId": "C8257676-7AA7-4B39-A8F8-685843D0685B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r7-s1:*:*:*:*:*:*",
"matchCriteriaId": "33A3ECF9-AA4D-41F9-8441-1EB5F1DB882E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
"matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
"matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
"matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
"matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
"matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
"matchCriteriaId": "BBD36C0D-0F44-4349-968D-4CD60F281D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*",
"matchCriteriaId": "3E364FE2-5FB1-4E14-8DF5-CA21F4BFBBC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*",
"matchCriteriaId": "7F22C4C2-20E0-428F-A9BF-37E8BD63A9E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*",
"matchCriteriaId": "71334963-7BF1-49DB-84E6-D6F2A927458B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d233:*:*:*:*:*:*",
"matchCriteriaId": "E773AA7F-AB97-488A-B73D-682FB5553B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d234:*:*:*:*:*:*",
"matchCriteriaId": "E9196882-FE7B-489A-81AC-55355864DA93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d235:*:*:*:*:*:*",
"matchCriteriaId": "93CCFF32-D589-4E84-9A08-D667B14B0B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d236:*:*:*:*:*:*",
"matchCriteriaId": "F218BBE0-8F18-4A8E-8C95-8249B6776958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d237:*:*:*:*:*:*",
"matchCriteriaId": "E56F9D8C-27AA-43EC-9043-7A480265CE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*",
"matchCriteriaId": "1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
"matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d31:*:*:*:*:*:*",
"matchCriteriaId": "6F3ED4F6-483F-41DC-BBCF-3605641ACAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
"matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
"matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
"matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*",
"matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*",
"matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d470:*:*:*:*:*:*",
"matchCriteriaId": "AE20A296-0B0D-47B6-8F63-3B664D0F549C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d495:*:*:*:*:*:*",
"matchCriteriaId": "723FD85C-C763-4017-B6BF-0CA707997D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*",
"matchCriteriaId": "3978B35D-5745-47BC-A56F-A0678AB0F3E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d59:*:*:*:*:*:*",
"matchCriteriaId": "92E31AF0-83EB-4570-A6DE-4308BE0D3A43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
"matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
"matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
"matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
"matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*",
"matchCriteriaId": "395CC50B-9042-4B12-9A1C-A8D5D571DC25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
"matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d66:*:*:*:*:*:*",
"matchCriteriaId": "E56CF063-0CB3-4BD6-978B-B9D7C0C8C4AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d69:*:*:*:*:*:*",
"matchCriteriaId": "7DEF14A2-388F-413F-BBB4-39548BDF1E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*",
"matchCriteriaId": "88BAA95F-7CA2-46A0-8F60-588941AF3E44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:-:*:*:*:*:*:*",
"matchCriteriaId": "258A380C-1EA0-407D-B7E3-4A2E8820119C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "6D3E38C1-808C-4BD3-993D-F30855F5390F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "72194CB7-FFDC-4897-9D6E-EA3459DDDEB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r5-s4:*:*:*:*:*:*",
"matchCriteriaId": "C88635DB-09B1-4DA1-8FC3-2F7A7E42819C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "92F35C19-5AD2-4F98-8313-2E880714DF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r6-s1:*:*:*:*:*:*",
"matchCriteriaId": "DF5A9D31-ED7D-4390-B46D-7E46089DB932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "6B4A4960-0241-4BF4-8857-8B7BE33466B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9677CE18-B955-432F-BA2B-AAE3D0CA0F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "84DD80BF-BF7E-447B-AA74-00B3D8036E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "57B89EEB-222D-46AA-BC8F-4EE7E17BA7B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "ECAE613D-1317-4D2E-8A61-980CD5DEAED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "BAB2D63C-C966-42CA-85A9-09820D00A2D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CC9B5CDE-3A50-4CD3-962A-FA0989939F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4E0D42C4-9B4D-44F9-BC84-E7994404598B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "DE2C20D8-3C73-4B87-BA41-DBFBCA5FBA58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "54D887B4-D2F4-4537-8298-B98D01396F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "1C1B5AE6-A323-4744-BCA1-25E46D2D27BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "0AB39E2F-0D67-4FA6-84B8-36684E971002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "A32C3702-48DE-47CF-B0D1-3A629676AD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "B9695B3E-FCDA-4DF0-B714-8B4F87AA647D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s8:*:*:*:*:*:*",
"matchCriteriaId": "36214C23-82C8-4A3E-9FF8-04F85FF8B2B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*",
"matchCriteriaId": "BCEE8D9C-6D64-4A9B-A74A-57A0BF4086C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "595987A6-D8CE-41ED-B51C-EF9CD3B47AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "CFA3526C-FF53-4823-B6AC-0BA91BFB532D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7D45F2C3-20FF-4A91-A440-E109B3CCE7C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
"matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "BCA2976C-C84B-40D9-A806-588629BFFB13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
},
{
"lang": "es",
"value": "Una debilidad de valor de retorno de estado inesperado en el Next-Generation Multicast VPN (NG-mVPN) de Juniper Networks Junos OS, permite al atacante causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) y centrar el proceso del demonio del protocolo de enrutamiento (rpd) cuando un paquete IPv4 malformado espec\u00edfico es recibido por parte del dispositivo que ejecuta BGP. Este paquete malformado puede ser creado y enviado hacia un dispositivo v\u00edctima, incluso cuando se reenv\u00eda directamente por medio de un dispositivo que recibe dicho paquete malformado, pero no si el paquete malformado se desencapsula primero desde un formato encapsulado por un dispositivo receptor. La recepci\u00f3n continua del paquete malformado resultar\u00e1 en una condici\u00f3n de Denegaci\u00f3n de Servicio sostenida. Este problema afecta a: Juniper Networks Junos OS versiones 15.1 anteriores a 15.1F6-S12, 15.1R7-S2; versiones 15.1X49 anteriores a 15.1X49-D150 en la serie SRX; versiones 15.1X53 anteriores a 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; versiones 16.1 anteriores a 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; versiones 16.2 anteriores a 16.2R2-S7; versiones 17.1 anteriores a 17.1R2-S9, 17.1R3; versiones 17.2 anteriores a 17.2R1-S7, 17.2R2-S6, 17.2R3; versiones 17.3 anteriores a 17.3R2-S4, 17.3R3."
}
],
"id": "CVE-2019-0066",
"lastModified": "2024-11-21T04:16:10.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:17.630",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-394"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-22 20:15
Modified
2024-11-21 05:42
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA11157 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA11157 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2."
},
{
"lang": "es",
"value": "El uso de m\u00faltiples claves criptogr\u00e1ficas embebidas en el software de la serie cSRX en Juniper Networks Junos OS, permite a un atacante tomar el control de cualquier instancia de una implementaci\u00f3n de cSRX a trav\u00e9s de servicios de administraci\u00f3n de dispositivos.\u0026#xa0;Este problema afecta a: Juniper Networks Junos OS en la serie cSRX: todas las versiones anteriores a 20.2R3;\u0026#xa0;20.3 versiones anteriores a 20.3R2;\u0026#xa0;versiones 20.4 anteriores a 20.4R2"
}
],
"id": "CVE-2021-0266",
"lastModified": "2024-11-21T05:42:21.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-22T20:15:09.877",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA11157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA11157"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-321"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA10968 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10968 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
"matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
"matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
"matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
"matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
"matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
"matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
"matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
"matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
"matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*",
"matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*",
"matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*",
"matchCriteriaId": "1F87EF0D-E609-4D4A-B228-CEF05C753E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d80:*:*:*:*:*:*",
"matchCriteriaId": "4484081E-E2E9-4858-8960-144D820CF7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d85:*:*:*:*:*:*",
"matchCriteriaId": "4D12F342-3A79-4F94-BFD0-F1A0942CFFB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
"matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
"matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
"matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
"matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
"matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*",
"matchCriteriaId": "080422D3-B508-4049-B558-4B04BF2E8AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
"matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "565AE6D8-28A9-4A62-A886-5BAB954695D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "488BB10A-1360-42E5-A68D-23D51B332850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "64988F0A-E02C-455B-99C9-4059C896416F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "DC2ACA85-FA89-40F0-A2AD-778E1CB02A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "9F431D3D-5D55-45A9-98E8-00CB1D4C0196",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*",
"matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "05060C06-18C1-40E8-AE01-385B036CC9AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "006EE425-A146-4E10-B050-7E754BB8402A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "2B482BCC-1F0C-47AA-B63B-1B39CEF7B2C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*",
"matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "C97683B3-A07B-428F-9535-C49B55305679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "678F57D1-2595-4AF3-BB87-AF2E1FE3CBB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
"matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*",
"matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
"matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
"matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2."
},
{
"lang": "es",
"value": "El proceso flowd SRX, responsable del reenv\u00edo de paquetes, puede bloquearse y reiniciarse cuando se procesan paquetes de multidifusi\u00f3n espec\u00edficos. Mediante el env\u00edo de manera continua de los paquetes de multidifusi\u00f3n espec\u00edficos, un atacante puede bloquear repetidamente el proceso flowd causando una Denegaci\u00f3n de Servicio sostenida. Este problema afecta al Juniper Networks Junos OS en la serie SRX: versiones 12.3X48 anteriores a 12.3X48-D90; versiones 15.1X49 anteriores a 15.1X49-D180; versiones 17.3; versiones 17.4 anteriores a 17.4R2-S5, 17.4R3; versiones 18.1 anteriores a 18.1R3-S6; versiones 18.2 anteriores a 18.2R2-S4, 18.2R3; versiones 18.3 anteriores a 18.3R2-S1, 18.3R3; versiones 18.4 anteriores a 18.4R2; versiones 19.1 anteriores a 19.1R1-S1, 19.1R2."
}
],
"id": "CVE-2019-0068",
"lastModified": "2024-11-21T04:16:10.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:17.800",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10968"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
"matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
"matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
"matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
"matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
"matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
"matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*",
"matchCriteriaId": "080422D3-B508-4049-B558-4B04BF2E8AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
"matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
"matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series."
},
{
"lang": "es",
"value": "El proceso flowd, responsable de reenviar el tr\u00e1fico en las puertas de enlace de servicios de la Serie SRX, puede bloquearse y reiniciarse cuando se procesan paquetes IP de tr\u00e1nsito espec\u00edfico por medio de un t\u00fanel IPSec. El procesamiento continuo de estos paquetes puede resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) extendida. Este problema solo se presenta cuando los t\u00faneles IPSec est\u00e1n configurados. Los sistemas sin configuraciones de t\u00fanel IPSec no son vulnerables a este problema. Este problema afecta a Juniper Networks Junos OS: versiones 15.1X49 anteriores a 15.1X49-D171, 15.1X49-D180 en la serie SRX; versiones 18.2 hasta 18.2R2-S1 y posteriores, versiones anteriores a 18.2R3 en la serie SRX; versiones 18.4 anteriores a 18.4R2 en la serie SRX."
}
],
"id": "CVE-2019-0060",
"lastModified": "2024-11-21T04:16:09.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:16.987",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10959"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-18 03:15
Modified
2024-11-21 06:46
Severity ?
Summary
On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA69908 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA69908 | Mitigation, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F706555A-8840-4EC4-ABCC-5EE92EDA050D",
"versionEndExcluding": "21.2",
"versionStartIncluding": "20.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series."
},
{
"lang": "es",
"value": "En los dispositivos cSRX Series, los problemas de permisos de software en el sistema de archivos del contenedor y los archivos almacenados, combinados con el almacenamiento de contrase\u00f1as en un formato recuperable en Junos OS de Juniper Networks, permiten a un atacante local poco privilegiado elevar sus permisos para tomar el control de cualquier instancia de una implementaci\u00f3n de software cSRX. Este problema afecta a Juniper Networks Junos OS 20.2 versi\u00f3n 20.2R1 y versiones posteriores anteriores a 21.2R1 en cSRX Series"
}
],
"id": "CVE-2022-22251",
"lastModified": "2024-11-21T06:46:29.557",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "sirt@juniper.net",
"type": "Primary"
}
]
},
"published": "2022-10-18T03:15:11.657",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA69908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA69908"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-257"
},
{
"lang": "en",
"value": "CWE-275"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | junos | 15.1x49 | |
| juniper | csrx | - | |
| juniper | srx100 | - | |
| juniper | srx110 | - | |
| juniper | srx1400 | - | |
| juniper | srx1500 | - | |
| juniper | srx210 | - | |
| juniper | srx220 | - | |
| juniper | srx240 | - | |
| juniper | srx300 | - | |
| juniper | srx320 | - | |
| juniper | srx340 | - | |
| juniper | srx3400 | - | |
| juniper | srx345 | - | |
| juniper | srx3600 | - | |
| juniper | srx4100 | - | |
| juniper | srx4200 | - | |
| juniper | srx4600 | - | |
| juniper | srx5400 | - | |
| juniper | srx550 | - | |
| juniper | srx550_hm | - | |
| juniper | srx5600 | - | |
| juniper | srx5800 | - | |
| juniper | srx650 | - | |
| juniper | vsrx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
"matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected."
},
{
"lang": "es",
"value": "Una debilidad de Comprobaci\u00f3n de Certificado Inapropiada en el cliente de actualizaci\u00f3n de firma de SRX Series Application Identification (app-id) de Juniper Networks Junos OS, permite a un atacante realizar ataques de tipo Man-in-the-Middle (MitM) que pueden comprometer la integridad y confidencialidad del dispositivo . Este problema afecta a: Juniper Networks Junos OS versiones 15.1X49 anteriores a 15.1X49-D120 en dispositivos de la Serie SRX. Ninguna otra versi\u00f3n del sistema operativo Junos est\u00e1 afectada."
}
],
"id": "CVE-2019-0054",
"lastModified": "2024-11-21T04:16:08.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:16.347",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10952"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
},
{
"lang": "en",
"value": "CWE-300"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-14 17:15
Modified
2024-11-21 07:56
Severity ?
Summary
An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition.
On all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core.
This issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598.
In order to identify the current SigPack version, following command can be used:
user@junos# show security idp security-package-version
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA71662 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA71662 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | - | |
| juniper | vsrx | - | |
| juniper | csrx | - | |
| juniper | mx10 | - | |
| juniper | mx10000 | - | |
| juniper | mx10003 | - | |
| juniper | mx10008 | - | |
| juniper | mx10016 | - | |
| juniper | mx104 | - | |
| juniper | mx150 | - | |
| juniper | mx2008 | - | |
| juniper | mx2010 | - | |
| juniper | mx2020 | - | |
| juniper | mx204 | - | |
| juniper | mx240 | - | |
| juniper | mx40 | - | |
| juniper | mx480 | - | |
| juniper | mx5 | - | |
| juniper | mx80 | - | |
| juniper | mx960 | - | |
| juniper | srx100 | - | |
| juniper | srx110 | - | |
| juniper | srx1400 | - | |
| juniper | srx1500 | - | |
| juniper | srx210 | - | |
| juniper | srx220 | - | |
| juniper | srx240 | - | |
| juniper | srx240h2 | - | |
| juniper | srx240m | - | |
| juniper | srx300 | - | |
| juniper | srx320 | - | |
| juniper | srx340 | - | |
| juniper | srx3400 | - | |
| juniper | srx345 | - | |
| juniper | srx3600 | - | |
| juniper | srx380 | - | |
| juniper | srx4000 | - | |
| juniper | srx4100 | - | |
| juniper | srx4200 | - | |
| juniper | srx4600 | - | |
| juniper | srx5000 | - | |
| juniper | srx5400 | - | |
| juniper | srx550 | - | |
| juniper | srx550_hm | - | |
| juniper | srx550m | - | |
| juniper | srx5600 | - | |
| juniper | srx5800 | - | |
| juniper | srx650 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432CAEBA-3386-4FC5-8416-4277114500F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F68E75-E6C6-4DB4-AE0E-C5637ECE7C88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0D31FF-0812-42B8-B25E-03C35EC1B021",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition.\n\nOn all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core.\n\nThis issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598.\n\nIn order to identify the current SigPack version, following command can be used:\n\nuser@junos# show security idp security-package-version"
}
],
"id": "CVE-2023-28985",
"lastModified": "2024-11-21T07:56:20.603",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
]
},
"published": "2023-07-14T17:15:09.050",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA71662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA71662"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1286"
}
],
"source": "sirt@juniper.net",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-14 15:15
Modified
2024-11-21 08:10
Severity ?
Summary
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system.
The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability.
This issue affects Juniper Networks Junos OS on SRX Series:
22.2 versions prior to 22.2R3;
22.3 versions prior to 22.3R2-S1, 22.3R3;
22.4 versions prior to 22.4R1-S2, 22.4R2.
This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA71636 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA71636 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.3 | |
| juniper | junos | 22.3 | |
| juniper | junos | 22.3 | |
| juniper | junos | 22.3 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | vsrx | - | |
| juniper | csrx | - | |
| juniper | srx100 | - | |
| juniper | srx110 | - | |
| juniper | srx1400 | - | |
| juniper | srx1500 | - | |
| juniper | srx210 | - | |
| juniper | srx220 | - | |
| juniper | srx240 | - | |
| juniper | srx240h2 | - | |
| juniper | srx240m | - | |
| juniper | srx300 | - | |
| juniper | srx320 | - | |
| juniper | srx340 | - | |
| juniper | srx3400 | - | |
| juniper | srx345 | - | |
| juniper | srx3600 | - | |
| juniper | srx380 | - | |
| juniper | srx4000 | - | |
| juniper | srx4100 | - | |
| juniper | srx4200 | - | |
| juniper | srx4600 | - | |
| juniper | srx5000 | - | |
| juniper | srx5400 | - | |
| juniper | srx550 | - | |
| juniper | srx550_hm | - | |
| juniper | srx550m | - | |
| juniper | srx5600 | - | |
| juniper | srx5800 | - | |
| juniper | srx650 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F68E75-E6C6-4DB4-AE0E-C5637ECE7C88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0D31FF-0812-42B8-B25E-03C35EC1B021",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system.\n\nThe jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability.\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n22.2 versions prior to 22.2R3;\n22.3 versions prior to 22.3R2-S1, 22.3R3;\n22.4 versions prior to 22.4R1-S2, 22.4R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.\n"
}
],
"id": "CVE-2023-36831",
"lastModified": "2024-11-21T08:10:41.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
]
},
"published": "2023-07-14T15:15:08.913",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA71636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA71636"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-703"
}
],
"source": "sirt@juniper.net",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-14 17:15
Modified
2024-11-21 08:10
Severity ?
Summary
An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS).
If a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a sustained DoS.
This issue affects Juniper Networks Junos OS on SRX Series:
All versions prior to 20.2R3-S7;
20.3 version 20.3R1 and later versions;
20.4 versions prior to 20.4R3-S6;
21.1 versions prior to 21.1R3-S5;
21.2 versions prior to 21.2R3-S4;
21.3 versions prior to 21.3R3-S4;
21.4 versions prior to 21.4R3-S3;
22.1 versions prior to 22.1R3-S1;
22.2 versions prior to 22.2R3;
22.3 versions prior to 22.3R2;
22.4 versions prior to 22.4R1-S1, 22.4R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA71645 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA71645 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5DC3ED-1843-467F-903D-2DB6CDFF06F1",
"versionEndExcluding": "20.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*",
"matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
"matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "69E33F24-D480-4B5F-956D-D435A551CBE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "6E5E3FDB-3F33-4686-9B64-0152AD41939D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "9C411A2E-A407-44E5-A2B2-3D049FB2DB4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "A352BB7A-6F17-4E64-BC02-1A7E4CD42653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "A29E0070-47E9-43DD-9303-C732FE8CC851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "A5E7E8D2-5D08-492E-84FC-8803E50F2CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "7B798133-105C-448B-B06E-57327E44E478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "D0D7DB4B-683B-408B-8055-2C992CA43FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F68E75-E6C6-4DB4-AE0E-C5637ECE7C88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0D31FF-0812-42B8-B25E-03C35EC1B021",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS).\n\nIf a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a sustained DoS.\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\nAll versions prior to 20.2R3-S7;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3-S6;\n21.1 versions prior to 21.1R3-S5;\n21.2 versions prior to 21.2R3-S4;\n21.3 versions prior to 21.3R3-S4;\n21.4 versions prior to 21.4R3-S3;\n22.1 versions prior to 22.1R3-S1;\n22.2 versions prior to 22.2R3;\n22.3 versions prior to 22.3R2;\n22.4 versions prior to 22.4R1-S1, 22.4R2.\n"
}
],
"id": "CVE-2023-36838",
"lastModified": "2024-11-21T08:10:42.900",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
]
},
"published": "2023-07-14T17:15:09.210",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA71645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA71645"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "sirt@juniper.net",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 20:15
Modified
2024-11-21 04:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
"matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
"matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
"matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
"matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
"matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
"matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
"matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
"matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
"matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
"matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
"matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*",
"matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*",
"matchCriteriaId": "9D8A8E33-473A-4A40-A7B7-47086BB9012A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*",
"matchCriteriaId": "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servicio de procesamiento de paquetes ALG SIP de Juniper Networks Junos OS, permite a un atacante causar una Denegaci\u00f3n de servicio (DoS) al dispositivo mediante el env\u00edo de tipos espec\u00edficos de tr\u00e1fico SIP v\u00e1lido hacia el dispositivo. En este caso, el proceso flowd se bloquea y genera un volcado de n\u00facleo cuando se procesan el tr\u00e1fico ALG SIP. La recepci\u00f3n continua de estos paquetes SIP v\u00e1lidos resultar\u00e1 en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sostenida. Este problema afecta a: Juniper Networks OS de Junos: versiones 12.3X48 anteriores a 12.3X48-D61, 12.3X48-D65 en la serie SRX; versiones 15.1X49 anteriores a 15.1X49-D130 en la serie SRX; versiones 17.3 anteriores a 17.3R3 en la serie SRX; versiones 17.4 anteriores a 17.4R2 en la serie SRX."
}
],
"id": "CVE-2019-0055",
"lastModified": "2024-11-21T04:16:08.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:16.473",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10953"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-130"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-0075
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-17 00:55
Severity ?
EPSS score ?
Summary
A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. Affected releases are Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160; 17.3 versions prior to 17.3R3-S7 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10976 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 12.3X48 < 12.3X48-D80 Version: 15.1X49 < 15.1X49-D160 Version: 17.3 < 17.3R3-S7 Version: 17.4 < 17.4R2-S8, 17.4R3 Version: 18.1 < 18.1R3-S8 Version: 18.2 < 18.2R2 Version: 18.3 < 18.3R2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "12.3X48-D80",
"status": "affected",
"version": "12.3X48",
"versionType": "custom"
},
{
"lessThan": "15.1X49-D160",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
},
{
"lessThan": "17.3R3-S7",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4R2-S8, 17.4R3",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.1R3-S8",
"status": "affected",
"version": "18.1",
"versionType": "custom"
},
{
"lessThan": "18.2R2",
"status": "affected",
"version": "18.2",
"versionType": "custom"
},
{
"lessThan": "18.3R2",
"status": "affected",
"version": "18.3",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable to devices where PIM is enabled."
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. Affected releases are Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160; 17.3 versions prior to 17.3R3-S7 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:18",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10976"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D80, 15.1X49-D160, 17.3R3-S7*, 17.4R2-S8*, 17.4R3*, 18.2R2, 18.3R2, 18.4R1, and all subsequent releases.\n\n(* pending release)"
}
],
"source": {
"advisory": "JSA10976",
"defect": [
"1397744"
],
"discovery": "USER"
},
"title": "Junos OS: SRX Series: Denial of Service vulnerability in srxpfe related to PIM",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0075",
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: Denial of Service vulnerability in srxpfe related to PIM"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "12.3X48",
"version_value": "12.3X48-D80"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D160"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R3-S7"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R2-S8, 17.4R3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R3-S8"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R2"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable to devices where PIM is enabled."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. Affected releases are Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160; 17.3 versions prior to 17.3R3-S7 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10976",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10976"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D80, 15.1X49-D160, 17.3R3-S7*, 17.4R2-S8*, 17.4R3*, 18.2R2, 18.3R2, 18.4R1, and all subsequent releases.\n\n(* pending release)"
}
],
"source": {
"advisory": "JSA10976",
"defect": [
"1397744"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0075",
"datePublished": "2019-10-09T19:26:18.196483Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-17T00:55:33.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0060
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-16 20:51
Severity ?
EPSS score ?
Summary
The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10959 | x_refsource_MISC | |
| https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 15.1X49 < 15.1X49-D171, 15.1X49-D180 Version: 18.2R2-S1 < 18.2* Version: 18.4 < 18.4R2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10959"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1X49-D171, 15.1X49-D180",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
},
{
"changes": [
{
"at": "18.2R3",
"status": "unaffected"
}
],
"lessThan": "18.2*",
"status": "affected",
"version": "18.2R2-S1",
"versionType": "custom"
},
{
"lessThan": "18.4R2",
"status": "affected",
"version": "18.4",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The following example shows a sample IPSec tunnel configuration:\n\n [edit security ipsec]\n security-association manual-sa1 {\n ...\n }\n\n [edit interfaces es-0/1/0]\n ...\n family inet {\n ipsec-sa manual-sa1;"
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10959"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1X49-D171, 15.1X49-D180, 18.2R3, 18.4R2, 19.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10959",
"defect": [
"1409277"
],
"discovery": "USER"
},
"title": "Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0060",
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D171, 15.1X49-D180"
},
{
"platform": "SRX Series",
"version_affected": "\u003e=",
"version_name": "18.2",
"version_value": "18.2R2-S1"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The following example shows a sample IPSec tunnel configuration:\n\n [edit security ipsec]\n security-association manual-sa1 {\n ...\n }\n\n [edit interfaces es-0/1/0]\n ...\n family inet {\n ipsec-sa manual-sa1;"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.8"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10959",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10959"
},
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html",
"refsource": "MISC",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1X49-D171, 15.1X49-D180, 18.2R3, 18.4R2, 19.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10959",
"defect": [
"1409277"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0060",
"datePublished": "2019-10-09T19:26:17.576660Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-16T20:51:54.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0266
Vulnerability from cvelistv5
Published
2021-04-22 19:37
Modified
2024-09-17 03:13
Severity ?
EPSS score ?
Summary
The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA11157 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: unspecified < 20.2R3 Version: 20.3 < 20.3R2 Version: 20.4 < 20.4R2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:32:10.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11157"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"cSRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.2R3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "20.3R2",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R2",
"status": "affected",
"version": "20.4",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Keys",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-22T19:37:23",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA11157"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11157",
"defect": [
"1564611"
],
"discovery": "INTERNAL"
},
"title": "cSRX: Use of Hard-coded Cryptographic Keys allows an attacker to take control of the device through device management services.",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue. \n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to the cSRX instance to only trusted administrative networks, hosts and users."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-04-14T16:00:00.000Z",
"ID": "CVE-2021-0266",
"STATE": "PUBLIC",
"TITLE": "cSRX: Use of Hard-coded Cryptographic Keys allows an attacker to take control of the device through device management services."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "cSRX Series",
"version_affected": "\u003c",
"version_value": "20.2R3"
},
{
"platform": "cSRX Series",
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R2"
},
{
"platform": "cSRX Series",
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-321 Use of Hard-coded Cryptographic Keys"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11157",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA11157"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11157",
"defect": [
"1564611"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue. \n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to the cSRX instance to only trusted administrative networks, hosts and users."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-0266",
"datePublished": "2021-04-22T19:37:23.655216Z",
"dateReserved": "2020-10-27T00:00:00",
"dateUpdated": "2024-09-17T03:13:48.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-36838
Vulnerability from cvelistv5
Published
2023-07-14 16:26
Modified
2024-10-22 14:31
Severity ?
EPSS score ?
Summary
An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS).
If a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a sustained DoS.
This issue affects Juniper Networks Junos OS on SRX Series:
All versions prior to 20.2R3-S7;
20.3 version 20.3R1 and later versions;
20.4 versions prior to 20.4R3-S6;
21.1 versions prior to 21.1R3-S5;
21.2 versions prior to 21.2R3-S4;
21.3 versions prior to 21.3R3-S4;
21.4 versions prior to 21.4R3-S3;
22.1 versions prior to 22.1R3-S1;
22.2 versions prior to 22.2R3;
22.3 versions prior to 22.3R2;
22.4 versions prior to 22.4R1-S1, 22.4R2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: unspecified < 20.2R3-S7 Version: 20.3 < 20.3* Version: 20.4 < 20.4R3-S6 Version: 21.1 < 21.1R3-S5 Version: 21.2 < 21.2R3-S4 Version: 21.3 < 21.3R3-S4 Version: 21.4 < 21.4R3-S3 Version: 22.1 < 22.1R3-S1 Version: 22.2 < 22.2R3 Version: 22.3 < 22.3R2 Version: 22.4 < 22.4R1-S1, 22.4R2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA71645"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36838",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T14:28:38.076785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T14:31:56.652Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.2R3-S7",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.3R1",
"status": "affected"
}
],
"lessThan": "20.3*",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R3-S6",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R3-S5",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R3-S4",
"status": "affected",
"version": "21.2",
"versionType": "custom"
},
{
"lessThan": "21.3R3-S4",
"status": "affected",
"version": "21.3",
"versionType": "custom"
},
{
"lessThan": "21.4R3-S3",
"status": "affected",
"version": "21.4",
"versionType": "custom"
},
{
"lessThan": "22.1R3-S1",
"status": "affected",
"version": "22.1",
"versionType": "custom"
},
{
"lessThan": "22.2R3",
"status": "affected",
"version": "22.2",
"versionType": "custom"
},
{
"lessThan": "22.3R2",
"status": "affected",
"version": "22.3",
"versionType": "custom"
},
{
"lessThan": "22.4R1-S1, 22.4R2",
"status": "affected",
"version": "22.4",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-07-12T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eIf a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a sustained DoS.\u003cbr\u003e\u003cbr\u003eThis issue affects Juniper Networks Junos OS on SRX Series:\u003cbr\u003eAll versions prior to 20.2R3-S7;\u003cbr\u003e20.3 version 20.3R1 and later versions;\u003cbr\u003e20.4 versions prior to 20.4R3-S6;\u003cbr\u003e21.1 versions prior to 21.1R3-S5;\u003cbr\u003e21.2 versions prior to 21.2R3-S4;\u003cbr\u003e21.3 versions prior to 21.3R3-S4;\u003cbr\u003e21.4 versions prior to 21.4R3-S3;\u003cbr\u003e22.1 versions prior to 22.1R3-S1;\u003cbr\u003e22.2 versions prior to 22.2R3;\u003cbr\u003e22.3 versions prior to 22.3R2;\u003cbr\u003e22.4 versions prior to 22.4R1-S1, 22.4R2.\u003cbr\u003e"
}
],
"value": "An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS).\n\nIf a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a sustained DoS.\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\nAll versions prior to 20.2R3-S7;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3-S6;\n21.1 versions prior to 21.1R3-S5;\n21.2 versions prior to 21.2R3-S4;\n21.3 versions prior to 21.3R3-S4;\n21.4 versions prior to 21.4R3-S3;\n22.1 versions prior to 22.1R3-S1;\n22.2 versions prior to 22.2R3;\n22.3 versions prior to 22.3R2;\n22.4 versions prior to 22.4R1-S1, 22.4R2.\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003cbr\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-14T16:26:24.554Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"url": "https://supportportal.juniper.net/JSA71645"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.2R3-S7, 20.4R3-S6, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R3, 22.3R2, 22.4R1-S1, 22.4R2, 23.1R1, and all subsequent releases.\u003cbr\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 20.2R3-S7, 20.4R3-S6, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R3, 22.3R2, 22.4R1-S1, 22.4R2, 23.1R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA71645",
"defect": [
"1691594"
],
"discovery": "UNKNOWN"
},
"title": "Junos OS: SRX Series: A flowd core occurs when running a low privileged CLI command",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no available workarounds for this issue.\u003cbr\u003e"
}
],
"value": "There are no available workarounds for this issue.\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-36838",
"datePublished": "2023-07-14T16:26:24.554Z",
"dateReserved": "2023-06-27T16:17:25.276Z",
"dateUpdated": "2024-10-22T14:31:56.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0062
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-16 22:50
Severity ?
EPSS score ?
Summary
A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1F6-S13, 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S5; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10961 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 12.3 < 12.3R12-S15 |
||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10961"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"EX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "12.3R12-S15",
"status": "affected",
"version": "12.3",
"versionType": "custom"
}
]
},
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "12.3X48-D85",
"status": "affected",
"version": "12.3X48",
"versionType": "custom"
},
{
"lessThan": "15.1X49-D180",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
}
]
},
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "14.1X53-D51",
"status": "affected",
"version": "14.1X53",
"versionType": "custom"
},
{
"lessThan": "15.1F6-S13, 15.1R7-S5",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "15.1X53-D238",
"status": "affected",
"version": "15.1X53",
"versionType": "custom"
},
{
"lessThan": "16.1R4-S13, 16.1R7-S5",
"status": "affected",
"version": "16.1",
"versionType": "custom"
},
{
"lessThan": "16.2R2-S10",
"status": "affected",
"version": "16.2",
"versionType": "custom"
},
{
"lessThan": "17.1R3-S1",
"status": "affected",
"version": "17.1",
"versionType": "custom"
},
{
"lessThan": "17.2R2-S8, 17.2R3-S3",
"status": "affected",
"version": "17.2",
"versionType": "custom"
},
{
"lessThan": "17.3R3-S5",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4R2-S8, 17.4R3",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.1R3-S8",
"status": "affected",
"version": "18.1",
"versionType": "custom"
},
{
"lessThan": "18.2R3",
"status": "affected",
"version": "18.2",
"versionType": "custom"
},
{
"lessThan": "18.3R3",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R2",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R1-S2, 19.1R2",
"status": "affected",
"version": "19.1",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue requires J-Web to be enabled on the device.\n\nThe examples of the config stanza affected by this issue:\n system services web-management http\n system services web-management https"
}
],
"credits": [
{
"lang": "en",
"value": "Farid Heydari"
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1F6-S13, 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S5; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10961"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S15*, 12.3X48-D85, 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X49-D180, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3*, 18.1R3-S8*, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2, 19.2R1, and all subsequent releases.\n*pending publication"
}
],
"source": {
"advisory": "JSA10961",
"defect": [
"1410401"
],
"discovery": "EXTERNAL"
},
"title": "Junos OS: Session fixation vulnerability in J-Web",
"workarounds": [
{
"lang": "en",
"value": "Use access control lists or firewall filters to limit access to Junos J-Web interface to only trusted users and networks to reduce risks of exploitation of this vulnerability.\n\nUsing common BCPs of safe web browsing such as not clicking on links in email or other media would reduce risks of exploitation of this vulnerability.\n\nDisabling J-Web would completely prevent any exploitation of this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0062",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Session fixation vulnerability in J-Web"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "EX Series",
"version_affected": "\u003c",
"version_name": "12.3",
"version_value": "12.3R12-S15"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "12.3X48",
"version_value": "12.3X48-D85"
},
{
"version_affected": "\u003c",
"version_name": "14.1X53",
"version_value": "14.1X53-D51"
},
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1F6-S13, 15.1R7-S5"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D180"
},
{
"version_affected": "\u003c",
"version_name": "15.1X53",
"version_value": "15.1X53-D238"
},
{
"version_affected": "\u003c",
"version_name": "16.1",
"version_value": "16.1R4-S13, 16.1R7-S5"
},
{
"version_affected": "\u003c",
"version_name": "16.2",
"version_value": "16.2R2-S10"
},
{
"version_affected": "\u003c",
"version_name": "17.1",
"version_value": "17.1R3-S1"
},
{
"version_affected": "\u003c",
"version_name": "17.2",
"version_value": "17.2R2-S8, 17.2R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R3-S5"
},
{
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R2-S8, 17.4R3"
},
{
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R3-S8"
},
{
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R3"
},
{
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R2"
},
{
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R1-S2, 19.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue requires J-Web to be enabled on the device.\n\nThe examples of the config stanza affected by this issue:\n system services web-management http\n system services web-management https"
}
],
"credit": [
{
"lang": "eng",
"value": "Farid Heydari"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1F6-S13, 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S5; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.8"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384 Session Fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10961",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10961"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S15*, 12.3X48-D85, 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X49-D180, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3*, 18.1R3-S8*, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2, 19.2R1, and all subsequent releases.\n*pending publication"
}
],
"source": {
"advisory": "JSA10961",
"defect": [
"1410401"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Use access control lists or firewall filters to limit access to Junos J-Web interface to only trusted users and networks to reduce risks of exploitation of this vulnerability.\n\nUsing common BCPs of safe web browsing such as not clicking on links in email or other media would reduce risks of exploitation of this vulnerability.\n\nDisabling J-Web would completely prevent any exploitation of this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0062",
"datePublished": "2019-10-09T19:26:17.658174Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-16T22:50:43.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-0289
Vulnerability from cvelistv5
Published
2021-07-15 20:01
Modified
2024-09-17 03:48
Severity ?
EPSS score ?
Summary
When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show interfaces <> extensive" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA11191 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Patch: unspecified Version: 5.6R1 < 5.6* Version: 15.1 < 15.1R7-S10 Version: 16.1R1 < 16.1* Version: 16.2R1 < 16.2* Version: 17.1R1 < 17.1* Version: 17.2R1 < 17.2* Version: 17.3R1 < 17.3* Version: 17.4R1 < 17.4* Version: 18.1R1 < 18.1* Version: 18.2R1 < 18.2* Version: 18.3R1 < 18.3* Version: 18.4 < 18.4R2-S9, 18.4R3-S9 Version: 19.4 < 19.4R3-S3 Version: 20.1 < 20.1R3 Version: 20.2 < 20.2R3-S2 Version: 20.3R1 < 20.3* Version: 20.4 < 20.4R3 Version: 21.1 < 21.1R2 |
||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:32:10.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA11191"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "5.6R1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "5.6*",
"status": "affected",
"version": "5.6R1",
"versionType": "custom"
},
{
"changes": [
{
"at": "15.1F1",
"status": "affected"
}
],
"lessThan": "15.1R7-S10",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "16.1*",
"status": "affected",
"version": "16.1R1",
"versionType": "custom"
},
{
"lessThan": "16.2*",
"status": "affected",
"version": "16.2R1",
"versionType": "custom"
},
{
"lessThan": "17.1*",
"status": "affected",
"version": "17.1R1",
"versionType": "custom"
},
{
"lessThan": "17.2*",
"status": "affected",
"version": "17.2R1",
"versionType": "custom"
},
{
"lessThan": "17.3*",
"status": "affected",
"version": "17.3R1",
"versionType": "custom"
},
{
"lessThan": "17.4*",
"status": "affected",
"version": "17.4R1",
"versionType": "custom"
},
{
"lessThan": "18.1*",
"status": "affected",
"version": "18.1R1",
"versionType": "custom"
},
{
"lessThan": "18.2*",
"status": "affected",
"version": "18.2R1",
"versionType": "custom"
},
{
"lessThan": "18.3*",
"status": "affected",
"version": "18.3R1",
"versionType": "custom"
},
{
"lessThan": "18.4R2-S9, 18.4R3-S9",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.4R3-S3",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S2",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3*",
"status": "affected",
"version": "20.3R1",
"versionType": "custom"
},
{
"lessThan": "20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"changes": [
{
"at": "18.4R1",
"status": "affected"
}
],
"lessThan": "18.4R2-S9, 18.4R3-S9",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.4R3-S3",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S2",
"status": "unaffected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3*",
"status": "affected",
"version": "20.3R1",
"versionType": "custom"
},
{
"lessThan": "20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"status": "unaffected",
"version": "Any"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "First in config CLI mode check that is there any user ARP policers configured on an ae interface:\n\n show configuration | display set | match jtac-arp\n set groups jtac-arp-policer interfaces ae5 unit \u003c*\u003e family inet policer arp jtac-arp \u003c\u003c\u003c this shows user arp policer configured on all ae interfaces\n\nNext validate which ARP policer is installed by using the operational cli command:\n\n\u201cshow interfaces extensive | match policer\u201d\n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user arp policer was applied on ae interface and default arp policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user arp policer was applied on ae interface"
}
],
"datePublic": "2021-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command \"show interfaces \u003c\u003e extensive\" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-15T20:01:05",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA11191"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: For all platforms, except SRX Series, using Junos OS 15.1R7-S10, 18.4R2-S9, 18.4R3-S9, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases. On SRX series using Junos OS 18.4R2-S9, 18.4R3-S9, 19.4R3-S4. 20.1R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11191",
"defect": [
"1528403"
],
"discovery": "USER"
},
"title": "Junos OS: User-defined ARP Policer isn\u0027t applied on Aggregated Ethernet (AE) interface until firewall process is restarted",
"workarounds": [
{
"lang": "en",
"value": "There is no workaround for this issue. \n\nIf affected by this issue, to recover from its impact, restart the firewall process to update the ARP Policer on the AE interface unit(s). \nFrom the CLI issue: \n\n cli\u003e restart firewall \n\nNote: no side effects on firewall restart shall be seen when issuing this command."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2021-07-14T16:00:00.000Z",
"ID": "CVE-2021-0289",
"STATE": "PUBLIC",
"TITLE": "Junos OS: User-defined ARP Policer isn\u0027t applied on Aggregated Ethernet (AE) interface until firewall process is restarted"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "5.6",
"version_value": "5.6R1"
},
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1R7-S10"
},
{
"version_affected": "\u003e=",
"version_name": "15.1",
"version_value": "15.1F1"
},
{
"version_affected": "\u003e=",
"version_name": "16.1",
"version_value": "16.1R1"
},
{
"version_affected": "\u003e=",
"version_name": "16.2",
"version_value": "16.2R1"
},
{
"version_affected": "\u003e=",
"version_name": "17.1",
"version_value": "17.1R1"
},
{
"version_affected": "\u003e=",
"version_name": "17.2",
"version_value": "17.2R1"
},
{
"version_affected": "\u003e=",
"version_name": "17.3",
"version_value": "17.3R1"
},
{
"version_affected": "\u003e=",
"version_name": "17.4",
"version_value": "17.4R1"
},
{
"version_affected": "\u003e=",
"version_name": "18.1",
"version_value": "18.1R1"
},
{
"version_affected": "\u003e=",
"version_name": "18.2",
"version_value": "18.2R1"
},
{
"version_affected": "\u003e=",
"version_name": "18.3",
"version_value": "18.3R1"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R2-S9, 18.4R3-S9"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "\u003e=",
"version_name": "20.3",
"version_value": "20.3R1"
},
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R2"
},
{
"version_affected": "!\u003c",
"version_value": "5.6R1"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R2-S9, 18.4R3-S9"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R3-S3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"platform": "SRX Series",
"version_affected": "!\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"platform": "SRX Series",
"version_affected": "\u003e=",
"version_name": "20.3",
"version_value": "20.3R1"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R2"
},
{
"platform": "SRX Series",
"version_affected": "!\u003c",
"version_name": "18.4",
"version_value": "18.4R1"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "Any",
"version_value": "Any"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "First in config CLI mode check that is there any user ARP policers configured on an ae interface:\n\n show configuration | display set | match jtac-arp\n set groups jtac-arp-policer interfaces ae5 unit \u003c*\u003e family inet policer arp jtac-arp \u003c\u003c\u003c this shows user arp policer configured on all ae interfaces\n\nNext validate which ARP policer is installed by using the operational cli command:\n\n\u201cshow interfaces extensive | match policer\u201d\n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user arp policer was applied on ae interface and default arp policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user arp policer was applied on ae interface"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command \"show interfaces \u003c\u003e extensive\" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ \u003c\u003c\u003c incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp \u003c\u003c\u003c correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA11191",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA11191"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: For all platforms, except SRX Series, using Junos OS 15.1R7-S10, 18.4R2-S9, 18.4R3-S9, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases. On SRX series using Junos OS 18.4R2-S9, 18.4R3-S9, 19.4R3-S4. 20.1R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA11191",
"defect": [
"1528403"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There is no workaround for this issue. \n\nIf affected by this issue, to recover from its impact, restart the firewall process to update the ARP Policer on the AE interface unit(s). \nFrom the CLI issue: \n\n cli\u003e restart firewall \n\nNote: no side effects on firewall restart shall be seen when issuing this command."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2021-0289",
"datePublished": "2021-07-15T20:01:05.615580Z",
"dateReserved": "2020-10-27T00:00:00",
"dateUpdated": "2024-09-17T03:48:59.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28985
Vulnerability from cvelistv5
Published
2023-07-14 16:34
Modified
2024-11-07 14:28
Severity ?
EPSS score ?
Summary
An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition.
On all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core.
This issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598.
In order to identify the current SigPack version, following command can be used:
user@junos# show security idp security-package-version
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: unspecified < SigPack 3598 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:39.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA71662"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:juniper_networks:junos_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "junos_os",
"vendor": "juniper_networks",
"versions": [
{
"lessThan": "SigPack 3598",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28985",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T14:25:45.770994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T14:28:11.378Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"SRX Series",
"MX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "SigPack 3598",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For this issue to occur, IDP policy has to be enabled on the SRX and MX Series devices to inspect the HTTPS traffic.\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e[ security idp active-policy policy-name ]\u003cbr\u003e[ security idp idp-policy policy-name rulebase-ips rule rule-name ]\u003c/tt\u003e"
}
],
"value": "For this issue to occur, IDP policy has to be enabled on the SRX and MX Series devices to inspect the HTTPS traffic.\n\n[ security idp active-policy policy-name ]\n[ security idp idp-policy policy-name rulebase-ips rule rule-name ]"
}
],
"datePublic": "2023-07-12T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition.\u003cbr\u003e\u003cbr\u003eOn all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core.\u003cbr\u003e\u003cbr\u003eThis issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598.\u003cbr\u003e\u003cbr\u003eIn order to identify the current SigPack version, following command can be used:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003euser@junos# show security idp security-package-version\u003c/tt\u003e"
}
],
"value": "An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet will cause a sustained Denial of Service condition.\n\nOn all SRX Series and MX Series platforms, where IDP is enabled and a specific malformed SSL packet is received, the SSL detector crashes leading to an FPC core.\n\nThis issue affects Juniper Networks SRX Series and MX Series prior to SigPack 3598.\n\nIn order to identify the current SigPack version, following command can be used:\n\nuser@junos# show security idp security-package-version"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003cbr\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-14T16:34:24.993Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"url": "https://supportportal.juniper.net/JSA71662"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: SigPack 3598, and all subsequent releases.\u003cbr\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: SigPack 3598, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA71662",
"defect": [
"1655071"
],
"discovery": "USER"
},
"title": "SRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue.\u003cbr\u003e"
}
],
"value": "There are no known workarounds for this issue.\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-28985",
"datePublished": "2023-07-14T16:34:24.993Z",
"dateReserved": "2023-03-29T08:44:10.679Z",
"dateUpdated": "2024-11-07T14:28:11.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0055
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-16 22:08
Severity ?
EPSS score ?
Summary
A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10953 | x_refsource_MISC | |
| https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 12.3X48 < 12.3X48-D61, 12.3X48-D65 Version: 15.1X49 < 15.1X49-D130 Version: 17.3 < 17.3R3 Version: 17.4 < 17.4R2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10953"
},
{
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "12.3X48-D61, 12.3X48-D65",
"status": "affected",
"version": "12.3X48",
"versionType": "custom"
},
{
"lessThan": "15.1X49-D130",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
},
{
"lessThan": "17.3R3",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4R2",
"status": "affected",
"version": "17.4",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue only affects SRX Series devices where SIP ALG is enabled.\nThe following minimum configuration is required: \n set security alg sip"
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-130",
"description": "CWE-130 Improper Handling of Length Parameter Inconsistency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10953"
},
{
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2, 18.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10953",
"defect": [
"1329170"
],
"discovery": "USER"
},
"title": "Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled.",
"workarounds": [
{
"lang": "en",
"value": "Disable SIP ALG if this is not needed, otherwise there are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0055",
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "12.3X48",
"version_value": "12.3X48-D61, 12.3X48-D65"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D130"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue only affects SRX Series devices where SIP ALG is enabled.\nThe following minimum configuration is required: \n set security alg sip"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-130 Improper Handling of Length Parameter Inconsistency"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10953",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10953"
},
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html",
"refsource": "MLIST",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2, 18.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10953",
"defect": [
"1329170"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "Disable SIP ALG if this is not needed, otherwise there are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0055",
"datePublished": "2019-10-09T19:26:17.374648Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-16T22:08:51.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0068
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-17 04:09
Severity ?
EPSS score ?
Summary
The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10968 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 17.3 Version: 12.3X48 < 12.3X48-D90 Version: 15.1X49 < 15.1X49-D180 Version: 17.4 < 17.4R2-S5, 17.4R3 Version: 18.1 < 18.1R3-S6 Version: 18.2 < 18.2R2-S4, 18.2R3 Version: 18.3 < 18.3R2-S1, 18.3R3 Version: 18.4 < 18.4R2 Version: 19.1 < 19.1R1-S1, 19.1R2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10968"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "17.3"
},
{
"lessThan": "12.3X48-D90",
"status": "affected",
"version": "12.3X48",
"versionType": "custom"
},
{
"lessThan": "15.1X49-D180",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
},
{
"lessThan": "17.4R2-S5, 17.4R3",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.1R3-S6",
"status": "affected",
"version": "18.1",
"versionType": "custom"
},
{
"lessThan": "18.2R2-S4, 18.2R3",
"status": "affected",
"version": "18.2",
"versionType": "custom"
},
{
"lessThan": "18.3R2-S1, 18.3R3",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R2",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R1-S1, 19.1R2",
"status": "affected",
"version": "19.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10968"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D90, 15.1X49-D180, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.3R2-S1, 18.3R3, 18.4R2, 19.1R1-S1, 19.1R2, 19.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10968",
"defect": [
"1417510"
],
"discovery": "USER"
},
"title": "Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets",
"workarounds": [
{
"lang": "en",
"value": "There are no available workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0068",
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "12.3X48",
"version_value": "12.3X48-D90"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D180"
},
{
"platform": "SRX Series",
"version_affected": "=",
"version_name": "17.3",
"version_value": "17.3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R2-S5, 17.4R3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R3-S6"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R2-S4, 18.2R3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R2-S1, 18.3R3"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R2"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R1-S1, 19.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10968",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10968"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D90, 15.1X49-D180, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.3R2-S1, 18.3R3, 18.4R2, 19.1R1-S1, 19.1R2, 19.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10968",
"defect": [
"1417510"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no available workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0068",
"datePublished": "2019-10-09T19:26:17.903640Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-17T04:09:30.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0058
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-16 17:49
Severity ?
EPSS score ?
Summary
A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10956 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 12.3X48 < 12.3X48-D80 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.220Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "12.3X48-D80",
"status": "affected",
"version": "12.3X48",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This requires a local authenticated user to have shell privilege."
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "252 - Unchecked Return Value",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10956"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 12.3X48-D80 and all subsequent releases."
}
],
"source": {
"advisory": "JSA10956",
"defect": [
"975878"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: SRX Series: A weakness in the Veriexec subsystem may allow privilege escalation.",
"workarounds": [
{
"lang": "en",
"value": "To reduce the risk of exploitation of this vulnerability, customers should limit access to the Junos shell to only trusted administrators and limit their actions to previously reviewed and agreed-upon commands and command arguments as part of a structured change management workflow. Shell commands which are run should be logged and reviewed as part of standard security practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0058",
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: A weakness in the Veriexec subsystem may allow privilege escalation."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "12.3X48",
"version_value": "12.3X48-D80"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This requires a local authenticated user to have shell privilege."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "252 - Unchecked Return Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10956",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10956"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS: 12.3X48-D80 and all subsequent releases."
}
],
"source": {
"advisory": "JSA10956",
"defect": [
"975878"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "To reduce the risk of exploitation of this vulnerability, customers should limit access to the Junos shell to only trusted administrators and limit their actions to previously reviewed and agreed-upon commands and command arguments as part of a structured change management workflow. Shell commands which are run should be logged and reviewed as part of standard security practices."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0058",
"datePublished": "2019-10-09T19:26:17.497824Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-16T17:49:17.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0054
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-17 00:36
Severity ?
EPSS score ?
Summary
An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10952 | x_refsource_MISC | |
| https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 15.1X49 < 15.1X49-D120 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10952"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1X49-D120",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The following minimum configuration is required:\n services application-identification"
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-300",
"description": "CWE-300 Channel Accessible by Non-Endpoint (\u0027Man-in-the-Middle\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10952"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1X49-D120, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10952",
"defect": [
"1291665"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks during app-id signature updates.",
"workarounds": [
{
"lang": "en",
"value": "Set the following command in the device for affected releases:\n\n set services application-identification download secure-download"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0054",
"STATE": "PUBLIC",
"TITLE": "Junos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks during app-id signature updates."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D120"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The following minimum configuration is required:\n services application-identification"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-300 Channel Accessible by Non-Endpoint (\u0027Man-in-the-Middle\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10952",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10952"
},
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html",
"refsource": "MISC",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1X49-D120, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10952",
"defect": [
"1291665"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Set the following command in the device for affected releases:\n\n set services application-identification download secure-download"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0054",
"datePublished": "2019-10-09T19:26:17.333372Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-17T00:36:21.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22251
Vulnerability from cvelistv5
Published
2022-10-18 02:46
Modified
2024-09-16 16:48
Severity ?
EPSS score ?
Summary
On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA69908 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Patch: unspecified Version: 20.2R1 < 20.2* Version: 20.3R1 < 20.3* Version: 20.4R1 < 20.4* Version: 21.1R1 < 21.1* |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"cSRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.2R1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "20.2*",
"status": "affected",
"version": "20.2R1",
"versionType": "custom"
},
{
"lessThan": "20.3*",
"status": "affected",
"version": "20.3R1",
"versionType": "custom"
},
{
"lessThan": "20.4*",
"status": "affected",
"version": "20.4R1",
"versionType": "custom"
},
{
"lessThan": "21.1*",
"status": "affected",
"version": "21.1R1",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257 Storing Passwords in a Recoverable Format",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-275",
"description": "CWE-275 Permission Issues",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Privilege elevation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-18T00:00:00",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"url": "https://kb.juniper.net/JSA69908"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 21.2R1, and all subsequent releases.\n\nAdditionally, customers using Docker or Kubernetes must contact JTAC to receive additional guidance on applying commands manually to deployments to provide a complete fix."
}
],
"source": {
"advisory": "JSA69908",
"defect": [
"1564383"
],
"discovery": "INTERNAL"
},
"title": "cSRX Series: Storing Passwords in a Recoverable Format and software permissions issues allows a local attacker to elevate privileges",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue. \n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to the cSRX instance to only trusted administrative networks, hosts and users."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22251",
"datePublished": "2022-10-18T02:46:54.129749Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T16:48:02.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0066
Vulnerability from cvelistv5
Published
2019-10-09 19:26
Modified
2024-09-16 22:15
Severity ?
EPSS score ?
Summary
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10965 | x_refsource_MISC | |
| https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 15.1 < 15.1F6-S12, 15.1R7-S2 Version: 16.1 < 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2 Version: 16.2 < 16.2R2-S7 Version: 17.1 < 17.1R2-S9, 17.1R3 Version: 17.2 < 17.2R1-S7, 17.2R2-S6, 17.2R3 Version: 17.3 < 17.3R2-S4, 17.3R3 Version: 15.1X53 < 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1F6-S12, 15.1R7-S2",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2",
"status": "affected",
"version": "16.1",
"versionType": "custom"
},
{
"lessThan": "16.2R2-S7",
"status": "affected",
"version": "16.2",
"versionType": "custom"
},
{
"lessThan": "17.1R2-S9, 17.1R3",
"status": "affected",
"version": "17.1",
"versionType": "custom"
},
{
"lessThan": "17.2R1-S7, 17.2R2-S6, 17.2R3",
"status": "affected",
"version": "17.2",
"versionType": "custom"
},
{
"lessThan": "17.3R2-S4, 17.3R3",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590",
"status": "affected",
"version": "15.1X53",
"versionType": "custom"
}
]
},
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1X49-D150",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-394",
"description": "CWE-394 Unexpected Status Code or Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1F6-S12, 15.1R7-S2, 15.1X49-D150, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R2-S9, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10965",
"defect": [
"1309982"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core",
"workarounds": [
{
"lang": "en",
"value": "Discontinue use of BGP services if not needed. Otherwise, there are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0066",
"STATE": "PUBLIC",
"TITLE": "Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1F6-S12, 15.1R7-S2"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D150"
},
{
"version_affected": "\u003c",
"version_name": "16.1",
"version_value": "16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2"
},
{
"version_affected": "\u003c",
"version_name": "16.2",
"version_value": "16.2R2-S7"
},
{
"version_affected": "\u003c",
"version_name": "17.1",
"version_value": "17.1R2-S9, 17.1R3"
},
{
"version_affected": "\u003c",
"version_name": "17.2",
"version_value": "17.2R1-S7, 17.2R2-S6, 17.2R3"
},
{
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R2-S4, 17.3R3"
},
{
"version_affected": "\u003c",
"version_name": "15.1X53",
"version_value": "15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-394 Unexpected Status Code or Return Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10965",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10965"
},
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html",
"refsource": "MISC",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1F6-S12, 15.1R7-S2, 15.1X49-D150, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R2-S9, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10965",
"defect": [
"1309982"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Discontinue use of BGP services if not needed. Otherwise, there are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0066",
"datePublished": "2019-10-09T19:26:17.824789Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-16T22:15:50.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-36831
Vulnerability from cvelistv5
Published
2023-07-14 14:56
Modified
2024-11-07 14:41
Severity ?
EPSS score ?
Summary
An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system.
The jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability.
This issue affects Juniper Networks Junos OS on SRX Series:
22.2 versions prior to 22.2R3;
22.3 versions prior to 22.3R2-S1, 22.3R3;
22.4 versions prior to 22.4R1-S2, 22.4R2.
This issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | Junos OS |
Version: 22.2 < 22.2R3 Version: 22.3 < 22.3R2-S1, 22.3R3 Version: 22.4 < 22.4R1-S2, 22.4R2 Patch: unspecified |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://supportportal.juniper.net/JSA71636"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:juniper_networks:junos_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "junos_os",
"vendor": "juniper_networks",
"versions": [
{
"lessThan": "22.2R3",
"status": "affected",
"version": "22.2",
"versionType": "custom"
},
{
"lessThan": "22.3R2-S1",
"status": "affected",
"version": "22.3",
"versionType": "custom"
},
{
"lessThan": "22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "custom"
},
{
"lessThan": "22.4R1-S2",
"status": "affected",
"version": "22.4",
"versionType": "custom"
},
{
"lessThan": "22.4R2",
"status": "affected",
"version": "22.4",
"versionType": "custom"
},
{
"lessThan": "22.2R2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-36831",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T14:39:03.046485Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T14:41:49.644Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "22.2R3",
"status": "affected",
"version": "22.2",
"versionType": "custom"
},
{
"lessThan": "22.3R2-S1, 22.3R3",
"status": "affected",
"version": "22.3",
"versionType": "custom"
},
{
"lessThan": "22.4R1-S2, 22.4R2",
"status": "affected",
"version": "22.4",
"versionType": "custom"
},
{
"lessThan": "22.2R2",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following sample configuration options highlight the features required to be affected by this issue:\u003cbr\u003e\u003ctt\u003e\u0026nbsp; set services ssl proxy profile SSL-PROXY protocol-version tls12-and-lower\u003cbr\u003e\u0026nbsp; set services ssl proxy profile SSL-PROXY trusted-ca all\u003cbr\u003e\u0026nbsp; set services ssl proxy profile SSL-PROXY root-ca ssl-proxy-ecdsa1\u003cbr\u003e\u0026nbsp; set security pki ca-profile SECURITY-CA-GROUP_1 ca-identity SECURITY-CA-GROUP_1\u003cbr\u003e\u003c/tt\u003e...\u003cbr\u003e\u003ctt\u003e\u0026nbsp; set security utm default-configuration web-filtering juniper-enhanced default log-and-permit\u003cbr\u003e\u0026nbsp; set security utm feature-profile web-filtering juniper-enhanced profile 2 category ... action block\u003cbr\u003e\u003c/tt\u003e...\u003cbr\u003e\u003ctt\u003e\u0026nbsp; set security utm utm-policy 1 web-filtering http-profile 2\u003cbr\u003e\u003c/tt\u003e...\u003cbr\u003e\u003ctt\u003e\u0026nbsp; set security policies from-zone private to-zone internet policy 1 then permit application-services ssl-proxy profile-name SSL-PROXY\u003cbr\u003e\u0026nbsp; set security policies from-zone private to-zone internet policy 1 then permit application-services utm-policy 1\u003c/tt\u003e\u003cbr\u003e"
}
],
"value": "The following sample configuration options highlight the features required to be affected by this issue:\n\u00a0 set services ssl proxy profile SSL-PROXY protocol-version tls12-and-lower\n\u00a0 set services ssl proxy profile SSL-PROXY trusted-ca all\n\u00a0 set services ssl proxy profile SSL-PROXY root-ca ssl-proxy-ecdsa1\n\u00a0 set security pki ca-profile SECURITY-CA-GROUP_1 ca-identity SECURITY-CA-GROUP_1\n...\n\u00a0 set security utm default-configuration web-filtering juniper-enhanced default log-and-permit\n\u00a0 set security utm feature-profile web-filtering juniper-enhanced profile 2 category ... action block\n...\n\u00a0 set security utm utm-policy 1 web-filtering http-profile 2\n...\n\u00a0 set security policies from-zone private to-zone internet policy 1 then permit application-services ssl-proxy profile-name SSL-PROXY\n\u00a0 set security policies from-zone private to-zone internet policy 1 then permit application-services utm-policy 1\n"
}
],
"datePublic": "2023-07-12T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system.\u003cbr\u003e\u003cbr\u003eThe jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability.\u003cbr\u003e\u003cbr\u003eThis issue affects Juniper Networks Junos OS on SRX Series:\u003cbr\u003e22.2 versions prior to 22.2R3;\u003cbr\u003e22.3 versions prior to 22.3R2-S1, 22.3R3;\u003cbr\u003e22.4 versions prior to 22.4R1-S2, 22.4R2.\u003cbr\u003e\u003cbr\u003eThis issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.\u003cbr\u003e"
}
],
"value": "An Improper Check or Handling of Exceptional Conditions vulnerability in the UTM (Unified Threat Management) Web-Filtering feature of Juniper Networks Junos OS on SRX Series causes a jbuf memory leak to occur when accessing certain websites, eventually leading to a Denial of Service (DoS) condition. Service restoration is only possible by rebooting the system.\n\nThe jbuf memory leak only occurs in SSL Proxy and UTM Web-Filtering configurations. Other products, platforms, and configurations are not affected by this vulnerability.\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n22.2 versions prior to 22.2R3;\n22.3 versions prior to 22.3R2-S1, 22.3R3;\n22.4 versions prior to 22.4R1-S2, 22.4R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 22.2R2.\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003cbr\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-14T14:56:32.306Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"url": "https://supportportal.juniper.net/JSA71636"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.1R1, and all subsequent releases.\u003cbr\u003e"
}
],
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.1R1, and all subsequent releases.\n"
}
],
"source": {
"defect": [
"1709031"
],
"discovery": "USER"
},
"title": "Junos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is applied",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue.\u003cbr\u003e"
}
],
"value": "There are no known workarounds for this issue.\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2023-36831",
"datePublished": "2023-07-14T14:56:32.306Z",
"dateReserved": "2023-06-27T16:17:25.275Z",
"dateUpdated": "2024-11-07T14:41:49.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}