Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to juniper - nfx_series

Vulnerability from fkie_nvd

Published

2018-10-10 18:29

Modified

2024-11-21 03:37

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not vulnerable to this issue when not configured to use DHCP. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D40 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 14.1X53 versions prior to 14.1X53-D40 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1X49 versions prior to 15.1X49-D20 on SRX Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D235 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D495 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400; 15.1 versions prior to 15.1R7-S2.

References

URL	Tags
sirt@juniper.net	http://www.securitytracker.com/id/1041858	Third Party Advisory, VDB Entry
sirt@juniper.net	https://kb.juniper.net/JSA10895	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041858	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10895	Mitigation, Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	ex2300	-
juniper	ex3400	-
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	qfx10000	-
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	qfx5110	-
juniper	qfx5200	-
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	nfx_series	-
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	ex3200	-
juniper	ex4200	-
juniper	ex4300	-
juniper	ex4600	-
juniper	ex6200	-
juniper	qfx3500	-
juniper	qfx3600	-
juniper	qfx5100	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*",
              "matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*",
              "matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*",
              "matchCriteriaId": "F4B6215F-76BF-473F-B325-0975B0EB101E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*",
              "matchCriteriaId": "A1C4A10C-49A3-4103-9E56-F881113BC5D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*",
              "matchCriteriaId": "50E7FD07-A309-48EC-A520-C7F0FA35865C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*",
              "matchCriteriaId": "F868948A-04D7-473B-971F-721302653633",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*",
              "matchCriteriaId": "830A9EBA-88F1-4277-B98F-75AC52A60824",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*",
              "matchCriteriaId": "7192552C-7D4A-4D95-BA79-CDF465E27D37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
              "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
              "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
              "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
              "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
              "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
              "matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
              "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
              "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
              "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
              "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*",
              "matchCriteriaId": "AFB887FD-D3FB-439F-9A89-CC367A74DB00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*",
              "matchCriteriaId": "BDA46912-D173-49C5-A0A1-64BD0889D3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*",
              "matchCriteriaId": "3BEE4EE4-18D9-4FA9-9A02-917240B851AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*",
              "matchCriteriaId": "188FED65-8A81-4BB0-B10B-8CA17B4F71CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*",
              "matchCriteriaId": "9F03E847-748B-43BD-B6C1-BFDECE99BC3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
              "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
              "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
              "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
              "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
              "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
              "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
              "matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
              "matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
              "matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
              "matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*",
              "matchCriteriaId": "395CC50B-9042-4B12-9A1C-A8D5D571DC25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
              "matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d66:*:*:*:*:*:*",
              "matchCriteriaId": "E56CF063-0CB3-4BD6-978B-B9D7C0C8C4AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:qfx10000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF2039C-E08C-472F-82E6-DAD3F94724B5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
              "matchCriteriaId": "BBD36C0D-0F44-4349-968D-4CD60F281D84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*",
              "matchCriteriaId": "3E364FE2-5FB1-4E14-8DF5-CA21F4BFBBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*",
              "matchCriteriaId": "7F22C4C2-20E0-428F-A9BF-37E8BD63A9E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*",
              "matchCriteriaId": "71334963-7BF1-49DB-84E6-D6F2A927458B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*",
              "matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*",
              "matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d490:*:*:*:*:*:*",
              "matchCriteriaId": "5582D0E6-292E-487B-9DAC-143D5D1C0D54",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:nfx_series:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F04DBDB-7DCD-49D6-B735-D97FC0947A7A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
              "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
              "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
              "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
              "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
              "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
              "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
              "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex6200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6CC1C89-B37F-4C5F-9F79-12997C79711D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not vulnerable to this issue when not configured to use DHCP. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D40 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 14.1X53 versions prior to 14.1X53-D40 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1X49 versions prior to 15.1X49-D20 on SRX Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D235 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D495 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400; 15.1 versions prior to 15.1R7-S2."
    },
    {
      "lang": "es",
      "value": "Una debilidad de validaci\u00f3n de entradas incorrecta en el proceso del demonio de control del dispositivo (dcd) de Juniper Networks Junos OS permite que un atacante provoque una denegaci\u00f3n de servicio (DoS) en el proceso y las interfaces dcd, as\u00ed como los clientes conectados, cuando el dispositivo Junos solicita una direcci\u00f3n IP para s\u00ed mismo. Los dispositivos Junos no son vulnerables a este problema cuando no est\u00e1n configurados para emplear DHCP. Las versiones afectadas son Juniper Networks Junos OS: 12.1X46 en versiones anteriores a la 12.1X46-D40 en la serie SRX; 12.3X48 en versiones anteriores a la 12.3X48-D20 en la serie SRX; 14.1X53 en versiones anteriores a la 14.1X53-D40 en EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1X49 en versiones anteriores a la 15.1X49-D20 en la serie SRX; 15.1X53 en versiones anteriores a la 15.1X53-D68 en la serie QFX10000; 15.1X53 en versiones anteriores a la 15.1X53-D235 en QFX5200/QFX5110; 15.1X53 en versiones anteriores a la 15.1X53-D495 en NFX150, NFX250; 15.1X53 en versiones anteriores a la 15.1X53-D590 en EX2300/EX3400; 15.1 en versiones anteriores a la 15.1R7-S2."
    }
  ],
  "id": "CVE-2018-0060",
  "lastModified": "2024-11-21T03:37:29.120",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-10T18:29:03.373",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041858"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10895"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10895"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-10-10 18:29

Modified

2024-11-21 03:37

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue.

References

URL	Tags
sirt@juniper.net	http://www.securitytracker.com/id/1041860	Third Party Advisory, VDB Entry
sirt@juniper.net	https://kb.juniper.net/JSA10897	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041860	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10897	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.1x46
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	ex2300	-
juniper	ex3400	-
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	qfx10000	-
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	qfx5110	-
juniper	qfx5200	-
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	nfx_series	-
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.1
juniper	junos	16.2
juniper	junos	16.2
juniper	junos	16.2
juniper	junos	17.1
juniper	junos	17.1
juniper	junos	17.1
juniper	junos	17.2
juniper	junos	17.2
juniper	junos	17.2
juniper	junos	17.3
juniper	junos	17.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*",
              "matchCriteriaId": "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*",
              "matchCriteriaId": "4FD4237A-C257-4D8A-ABC4-9B2160530A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5A449C87-C5C3-48FE-9E46-64ED5DD5F193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*",
              "matchCriteriaId": "F4B6215F-76BF-473F-B325-0975B0EB101E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*",
              "matchCriteriaId": "A1C4A10C-49A3-4103-9E56-F881113BC5D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*",
              "matchCriteriaId": "50E7FD07-A309-48EC-A520-C7F0FA35865C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*",
              "matchCriteriaId": "F868948A-04D7-473B-971F-721302653633",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*",
              "matchCriteriaId": "830A9EBA-88F1-4277-B98F-75AC52A60824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:*",
              "matchCriteriaId": "BFA2ADAB-E486-4DBB-8B84-CC095D102278",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:*",
              "matchCriteriaId": "9ACD0C03-ACD9-4D47-B3EE-1D8753FF5A83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:*",
              "matchCriteriaId": "0DD32D8A-7531-4691-B45D-9EACC69A23D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:*",
              "matchCriteriaId": "76DFA52F-5B2E-47DA-9A8E-7D17A7413929",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E014A0D-0054-4EBA-BA1F-035B74BD822F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "371A7DF8-3F4B-439D-8990-D1BC6F0C25C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r11:*:*:*:*:*:*",
              "matchCriteriaId": "F0DD051A-E486-4A9D-A978-A5A980AAF237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "7CC3BCFD-2B0F-4994-9FE4-9D37FA85F1E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "C6F309FD-0A5A-4C86-B227-B2B511A5CEB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r4:*:*:*:*:*:*",
              "matchCriteriaId": "960059B5-0701-4B75-AB51-0A430247D9F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r5:*:*:*:*:*:*",
              "matchCriteriaId": "1D1DCA52-DA81-495B-B516-5571F01E3B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r6:*:*:*:*:*:*",
              "matchCriteriaId": "05E187F6-BACD-4DD5-B393-B2FE4349053A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r7:*:*:*:*:*:*",
              "matchCriteriaId": "3C240840-A6BC-4E3D-A60D-22F08E67E2B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r8:*:*:*:*:*:*",
              "matchCriteriaId": "CC90563F-6BCB-4D77-8FD4-584E3A6C7741",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:r9:*:*:*:*:*:*",
              "matchCriteriaId": "5AD03BA7-D9EC-420F-97C4-383F79D6873F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*",
              "matchCriteriaId": "7192552C-7D4A-4D95-BA79-CDF465E27D37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
              "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
              "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
              "matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
              "matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
              "matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
              "matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
              "matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
              "matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
              "matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
              "matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
              "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
              "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
              "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
              "matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
              "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*",
              "matchCriteriaId": "BD332D86-5DA7-49A4-98C3-E4D946832DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
              "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
              "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
              "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
              "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
              "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
              "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
              "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
              "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
              "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
              "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
              "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
              "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
              "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
              "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
              "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*",
              "matchCriteriaId": "AFB887FD-D3FB-439F-9A89-CC367A74DB00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*",
              "matchCriteriaId": "BDA46912-D173-49C5-A0A1-64BD0889D3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*",
              "matchCriteriaId": "3BEE4EE4-18D9-4FA9-9A02-917240B851AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*",
              "matchCriteriaId": "188FED65-8A81-4BB0-B10B-8CA17B4F71CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*",
              "matchCriteriaId": "9F03E847-748B-43BD-B6C1-BFDECE99BC3C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*",
              "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
              "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
              "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
              "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
              "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
              "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
              "matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
              "matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
              "matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
              "matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*",
              "matchCriteriaId": "395CC50B-9042-4B12-9A1C-A8D5D571DC25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
              "matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d66:*:*:*:*:*:*",
              "matchCriteriaId": "E56CF063-0CB3-4BD6-978B-B9D7C0C8C4AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:qfx10000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF2039C-E08C-472F-82E6-DAD3F94724B5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
              "matchCriteriaId": "BBD36C0D-0F44-4349-968D-4CD60F281D84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*",
              "matchCriteriaId": "3E364FE2-5FB1-4E14-8DF5-CA21F4BFBBC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*",
              "matchCriteriaId": "7F22C4C2-20E0-428F-A9BF-37E8BD63A9E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*",
              "matchCriteriaId": "71334963-7BF1-49DB-84E6-D6F2A927458B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*",
              "matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*",
              "matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d495:*:*:*:*:*:*",
              "matchCriteriaId": "723FD85C-C763-4017-B6BF-0CA707997D2A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:nfx_series:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F04DBDB-7DCD-49D6-B735-D97FC0947A7A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AC40ABB-E364-46C9-A904-C0ED02806250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "6D3E38C1-808C-4BD3-993D-F30855F5390F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "72194CB7-FFDC-4897-9D6E-EA3459DDDEB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D571B57-4F4C-4232-9D3B-B2F7AAAB220B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:16.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "11BD757A-99BC-44E8-A95B-2CDDA638E469",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50B47EC5-0276-4799-B536-12B33B5F003B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FA99E0A9-8C98-49A8-A248-A53E3B723A90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "64EB45C0-E3BD-4C0D-9E97-1DB726D66401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "7D45F2C3-20FF-4A91-A440-E109B3CCE7C9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F69A0E5-B61B-405D-B501-9CB306651CEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el servicio J-Web podr\u00eda permitir que un usuario remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS), lo que evitar\u00eda que otros usuarios se autentiquen o realicen operaciones J-Web. Las versiones afectadas de Juniper Networks Junos OS son: 12.1X46 en versiones anteriores a la 12.1X46-D77 en SRX Series; 12.3 en versiones anteriores a la 12.3R12-S10; 12.3X48 en versiones anteriores a la 12.3X48-D60 en SRX Series; 15.1 en versiones anteriores a la 15.1R7; 15.1F6; 15.1X49 en versiones anteriores a la 15.1X49-D120 en SRX Series; 15.1X53 en versiones anteriores a la 15.1X53-D59 en EX2300/EX3400 Series; 15.1X53 en versiones anteriores a la 15.1X53-D67 en QFX10K Series; 15.1X53 en versiones anteriores a la 15.1X53-D234 en QFX5200/QFX5110 Series; 15.1X53 en versiones anteriores a la 15.1X53-D470, 15.1X53-D495 en NFX Series; 16.1 en versiones anteriores a la 16.1R6; 16.2 en versiones anteriores a la 16.2R2-S6, 16.2R3; 17.1 en versiones anteriores a la 17.1R2-S6, 17.1R3; 17.2 en versiones anteriores a la 17.2R3 y 17.3 en versiones anteriores a la 17.3R2. No hay ning\u00fan otro producto o plataforma de Juniper Networks que se vea afectado por este problema."
    }
  ],
  "id": "CVE-2018-0062",
  "lastModified": "2024-11-21T03:37:29.403",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-10T18:29:03.593",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041860"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041860"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10897"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2018-0060

Vulnerability from cvelistv5

Published

2018-10-10 18:00

Modified

2024-09-16 17:03

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

References

▼	URL	Tags
	http://www.securitytracker.com/id/1041858	vdb-entry, x_refsource_SECTRACK
	https://kb.juniper.net/JSA10895	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Juniper Networks

Junos OS

Version: 12.1X46   < 12.1X46-D40
Version: 12.3X48   < 12.3X48-D20
Version: 15.1X49   < 15.1X49-D20

Juniper Networks	Junos OS	Version: 14.1X53 < 14.1X53-D40
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D68
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D235
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D495
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D590
Juniper Networks	Junos OS	Version: 15.1 < 15.1R7-S2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.839Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041858",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041858"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10895"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "12.1X46-D40",
              "status": "affected",
              "version": "12.1X46",
              "versionType": "custom"
            },
            {
              "lessThan": "12.3X48-D20",
              "status": "affected",
              "version": "12.3X48",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X49-D20",
              "status": "affected",
              "version": "15.1X49",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "14.1X53-D40",
              "status": "affected",
              "version": "14.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "QFX10000 Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D68",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "QFX5200/QFX5110"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D235",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "NFX150, NFX250"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D495",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "EX2300/EX3400"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D590",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1R7-S2",
              "status": "affected",
              "version": "15.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not vulnerable to this issue when not configured to use DHCP. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D40 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 14.1X53 versions prior to 14.1X53-D40 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1X49 versions prior to 15.1X49-D20 on SRX Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D235 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D495 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400; 15.1 versions prior to 15.1R7-S2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper input validation",
              "lang": "en",
              "type": "text"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-15T20:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "name": "1041858",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041858"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10895"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D40, 12.3X48-D20, 14.1X53-D40, 15.1X49-D20, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1R7-S2, 16.1R1and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10895",
        "defect": [
          "1082817"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash",
      "workarounds": [
        {
          "lang": "en",
          "value": "Configure the device to use static IP addresses for all interfaces.\nDisable DHCP services."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
          "ID": "CVE-2018-0060",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.1X46",
                            "version_value": "12.1X46-D40"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.3X48",
                            "version_value": "12.3X48-D20"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100",
                            "version_affected": "\u003c",
                            "version_name": "14.1X53",
                            "version_value": "14.1X53-D40"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X49",
                            "version_value": "15.1X49-D20"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "QFX10000 Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D68"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "QFX5200/QFX5110",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D235"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "NFX150, NFX250",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D495"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "EX2300/EX3400",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D590"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "15.1",
                            "version_value": "15.1R7-S2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not vulnerable to this issue when not configured to use DHCP. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D40 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 14.1X53 versions prior to 14.1X53-D40 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1X49 versions prior to 15.1X49-D20 on SRX Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D235 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D495 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400; 15.1 versions prior to 15.1R7-S2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper input validation"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041858",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041858"
            },
            {
              "name": "https://kb.juniper.net/JSA10895",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10895"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D40, 12.3X48-D20, 14.1X53-D40, 15.1X49-D20, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1R7-S2, 16.1R1and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10895",
          "defect": [
            "1082817"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Configure the device to use static IP addresses for all interfaces.\nDisable DHCP services."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2018-0060",
    "datePublished": "2018-10-10T18:00:00Z",
    "dateReserved": "2017-11-16T00:00:00",
    "dateUpdated": "2024-09-16T17:03:03.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-0062

Vulnerability from cvelistv5

Published

2018-10-10 18:00

Modified

2024-09-17 00:26

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

References

▼	URL	Tags
	http://www.securitytracker.com/id/1041860	vdb-entry, x_refsource_SECTRACK
	https://kb.juniper.net/JSA10897	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Juniper Networks

Junos OS

Version: 12.1X46   < 12.1X46-D77
Version: 12.3X48   < 12.3X48-D60
Version: 15.1X49   < 15.1X49-D120

Juniper Networks	Junos OS	Version: 15.1F6 Version: 12.3 < 12.3R12-S10 Version: 15.1 < 15.1R7 Version: 16.1 < 16.1R6 Version: 16.2 < 16.2R2-S6, 16.2R3 Version: 17.1 < 17.1R2-S6, 17.1R3 Version: 17.2 < 17.2R3 Version: 17.3 < 17.3R2
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D59
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D67
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D234
Juniper Networks	Junos OS	Version: 15.1X53 < 15.1X53-D470, 15.1X53-D495

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041860",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041860"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10897"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "12.1X46-D77",
              "status": "affected",
              "version": "12.1X46",
              "versionType": "custom"
            },
            {
              "lessThan": "12.3X48-D60",
              "status": "affected",
              "version": "12.3X48",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X49-D120",
              "status": "affected",
              "version": "15.1X49",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "15.1F6"
            },
            {
              "lessThan": "12.3R12-S10",
              "status": "affected",
              "version": "12.3",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1R7",
              "status": "affected",
              "version": "15.1",
              "versionType": "custom"
            },
            {
              "lessThan": "16.1R6",
              "status": "affected",
              "version": "16.1",
              "versionType": "custom"
            },
            {
              "lessThan": "16.2R2-S6, 16.2R3",
              "status": "affected",
              "version": "16.2",
              "versionType": "custom"
            },
            {
              "lessThan": "17.1R2-S6, 17.1R3",
              "status": "affected",
              "version": "17.1",
              "versionType": "custom"
            },
            {
              "lessThan": "17.2R3",
              "status": "affected",
              "version": "17.2",
              "versionType": "custom"
            },
            {
              "lessThan": "17.3R2",
              "status": "affected",
              "version": "17.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "EX2300/EX3400 Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D59",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "QFX10K Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D67",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "QFX5200/QFX5110 Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D234",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "NFX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1X53-D470, 15.1X53-D495",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The examples of the config stanza affected by this issue:\n  system services web-management http\n  system services web-management https"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Alex Chash from SecureCom Limited (https://www.securecom.co.nz)"
        }
      ],
      "datePublic": "2018-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T09:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "name": "1041860",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041860"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10897"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D77, 12.3R12-S10,12.3X48-D60, 15.1R7, 15.1X49-D120, 15.1X53-D234, 15.1X53-D470, 15.1X53-D495, 15.1X53-D59, 15.1X53-D67, 16.1R6, 16.2R2-S6, 16.2R3, 17.1R2-S6, 17.1R3, 17.2R3, 17.3R2, 17.4R1 and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10897",
        "defect": [
          "1264695"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Junos OS: Denial of Service in J-Web",
      "workarounds": [
        {
          "lang": "en",
          "value": "Limit access to J-Web from only trusted hosts, networks and administrators."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
          "ID": "CVE-2018-0062",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: Denial of Service in J-Web"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.1X46",
                            "version_value": "12.1X46-D77"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "12.3",
                            "version_value": "12.3R12-S10"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.3X48",
                            "version_value": "12.3X48-D60"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "15.1",
                            "version_value": "15.1R7"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_name": "15.1F6",
                            "version_value": "15.1F6"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X49",
                            "version_value": "15.1X49-D120"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "EX2300/EX3400 Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D59"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "QFX10K Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D67"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "QFX5200/QFX5110 Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D234"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "NFX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D470, 15.1X53-D495"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "16.1",
                            "version_value": "16.1R6"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "16.2",
                            "version_value": "16.2R2-S6, 16.2R3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "17.1",
                            "version_value": "17.1R2-S6, 17.1R3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "17.2",
                            "version_value": "17.2R3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "17.3",
                            "version_value": "17.3R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The examples of the config stanza affected by this issue:\n  system services web-management http\n  system services web-management https"
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Alex Chash from SecureCom Limited (https://www.securecom.co.nz)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041860",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041860"
            },
            {
              "name": "https://kb.juniper.net/JSA10897",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10897"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D77, 12.3R12-S10,12.3X48-D60, 15.1R7, 15.1X49-D120, 15.1X53-D234, 15.1X53-D470, 15.1X53-D495, 15.1X53-D59, 15.1X53-D67, 16.1R6, 16.2R2-S6, 16.2R3, 17.1R2-S6, 17.1R3, 17.2R3, 17.3R2, 17.4R1 and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10897",
          "defect": [
            "1264695"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Limit access to J-Web from only trusted hosts, networks and administrators."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2018-0062",
    "datePublished": "2018-10-10T18:00:00Z",
    "dateReserved": "2017-11-16T00:00:00",
    "dateUpdated": "2024-09-17T00:26:47.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}