cvelistv5 - CVE-2008-2420

CVE-2008-2420 (GCVE-0-2008-2420)

Vulnerability from cvelistv5 – Published: 2008-05-23 15:00 – Updated: 2024-08-07 08:58

Summary

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/30425	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.vupen.com/english/advisories/2008/1569…	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/30335	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/31438	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://stunnel.mirt.net/pipermail/stunnel-announc…	mailing-listx_refsource_MLIST
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://security.gentoo.org/glsa/glsa-200808-08.xml	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/bid/29309	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:58:02.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "30425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30425"
          },
          {
            "name": "stunnel-ocsp-security-bypass(42528)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
          },
          {
            "name": "FEDORA-2008-4606",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
          },
          {
            "name": "ADV-2008-1569",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1569/references"
          },
          {
            "name": "30335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30335"
          },
          {
            "name": "31438",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31438"
          },
          {
            "name": "FEDORA-2008-4531",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
          },
          {
            "name": "MDVSA-2008:168",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
          },
          {
            "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
          },
          {
            "name": "FEDORA-2008-4579",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
          },
          {
            "name": "GLSA-200808-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
          },
          {
            "name": "29309",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29309"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-05-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "30425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30425"
        },
        {
          "name": "stunnel-ocsp-security-bypass(42528)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
        },
        {
          "name": "FEDORA-2008-4606",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
        },
        {
          "name": "ADV-2008-1569",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1569/references"
        },
        {
          "name": "30335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30335"
        },
        {
          "name": "31438",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31438"
        },
        {
          "name": "FEDORA-2008-4531",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
        },
        {
          "name": "MDVSA-2008:168",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
        },
        {
          "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
        },
        {
          "name": "FEDORA-2008-4579",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
        },
        {
          "name": "GLSA-200808-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
        },
        {
          "name": "29309",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29309"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2420",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "30425",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30425"
            },
            {
              "name": "stunnel-ocsp-security-bypass(42528)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
            },
            {
              "name": "FEDORA-2008-4606",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
            },
            {
              "name": "ADV-2008-1569",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1569/references"
            },
            {
              "name": "30335",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30335"
            },
            {
              "name": "31438",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31438"
            },
            {
              "name": "FEDORA-2008-4531",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
            },
            {
              "name": "MDVSA-2008:168",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
            },
            {
              "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
              "refsource": "MLIST",
              "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
            },
            {
              "name": "FEDORA-2008-4579",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
            },
            {
              "name": "GLSA-200808-08",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
            },
            {
              "name": "29309",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29309"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2420",
    "datePublished": "2008-05-23T15:00:00",
    "dateReserved": "2008-05-23T00:00:00",
    "dateUpdated": "2024-08-07T08:58:02.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D009335-E83C-4B35-ADB0-CBD6B82C0EA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F317B556-717B-46B9-A81E-63FC61723B72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"400FE849-D547-44DE-B06F-5B68E5B20E07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4AEA6DC-1A98-433F-B916-597395D5914A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB24165B-92FD-48BA-94C3-87A922DDC6E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B04F4BE4-34DE-4B8A-A1F1-32D12D33A5AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A04CF19D-9C30-4433-A5E2-F3949479BE36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B256301B-9C6A-4BA6-8318-675C0EF4C316\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC33DAEE-8F51-404F-B5C4-B8A30B467E94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FCDC66D-3BF5-4763-8877-38B0D3326E62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75772E28-BD93-4981-96FA-CDF41DAF65AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2415230E-4F66-4DDE-9E34-F685E8F4085A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5121749D-3E19-4A9B-8C2D-84420A4E289B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E14DE44-69E6-4D0E-AD06-A829AFCDE528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D5B202D-D93D-4E33-BC9F-DA44B727C0B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC62D42-832D-4E6E-93D9-E7BA0CBC7799\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5D49F98-9A24-464A-8695-58218C14B3DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADFFE78D-90EC-46C6-B215-2EADD9E0D146\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6132108C-C344-4ABC-AF40-1925830A6723\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8362D330-E286-4534-8560-B4B38E21767F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0496D60-BE45-45FF-B360-60E59443DB96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA2EA0D4-05B6-4500-9374-74BBDAB6001F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F16BDA03-BFAB-4839-A83A-370865928225\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDC6F568-DB15-40BD-906B-A4ED4804C40A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB5A2E06-A98E-409C-9A90-460AF4CCF101\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DF66986-248A-4EE8-B60F-182C774A4066\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB8991F3-A5F5-41EE-8809-31E09BAC4DCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD371A76-9729-487E-AA15-775FFEBE3473\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7B30722-13DD-41C5-9CFA-0719B351CF46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"722BA04D-BA9B-427C-B129-06EFEC3F2859\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2891FF7D-E62E-47F4-8873-1E4066247348\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A129110-60C1-46FC-9817-6E3802ADB389\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF52167B-1109-4E02-A02F-17465F4C47FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61536049-1C52-42E2-96DC-E5FF88BCC850\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2811F3BC-03F8-4781-8D01-BAAE1BDE8895\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82C4D865-9641-4E28-935C-BDCBDB9C2CEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75CF8185-A8FC-4EEE-B937-34924834AB43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1561B7D-78BC-4910-85F4-113E84B97B3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63DDF225-57D2-40E5-9BCA-672FBB3E2A6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04043E99-5F67-4FE9-89FC-695B981FBD5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD11753B-1993-4DE5-B172-AF4839B5620E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"711059F5-ACB3-4D2A-931F-BA1C4422FC8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DDB6C42-0837-462B-BE2B-11A81B43C590\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EEAAF27-156A-40FF-ADBF-79D851E744AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB202677-DDC6-42D1-9A90-CD4A79198553\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2C3EF02-B456-4506-94E8-5C41CB4FF69B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B07502AA-E3E7-4143-B194-7C366CEA4A28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97C554E8-62F4-4C73-821D-AB93D8EE841C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"061A0C84-B26C-4ED6-9771-8B7D29DB7053\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad en la funcionalidad OCSP en stunnel anteriores a 4.24 no busca de forma adecuada la lista de revocaci\\u00f3n de certificado (CRL), que permite a atacantes remotos intentar saltarse las restricciones de acceso utilizando certificados revocados.\\r\\n\"}]",
      "id": "CVE-2008-2420",
      "lastModified": "2024-11-21T00:46:50.870",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2008-05-23T15:32:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/30335\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30425\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/31438\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200808-08.xml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:168\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/29309\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1569/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42528\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/30335\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30425\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31438\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200808-08.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2008:168\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/29309\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1569/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42528\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"Not vulnerable. OCSP protocol support was only implemented in upstream stunnel version 4.16.  Therefore OCSP protocol is not available in the versions of stunnel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\\n\\n\", \"lastModified\": \"2008-05-26T00:00:00\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-2420\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-05-23T15:32:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en la funcionalidad OCSP en stunnel anteriores a 4.24 no busca de forma adecuada la lista de revocaci\u00f3n de certificado (CRL), que permite a atacantes remotos intentar saltarse las restricciones de acceso utilizando certificados revocados.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D009335-E83C-4B35-ADB0-CBD6B82C0EA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F317B556-717B-46B9-A81E-63FC61723B72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"400FE849-D547-44DE-B06F-5B68E5B20E07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4AEA6DC-1A98-433F-B916-597395D5914A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB24165B-92FD-48BA-94C3-87A922DDC6E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B04F4BE4-34DE-4B8A-A1F1-32D12D33A5AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A04CF19D-9C30-4433-A5E2-F3949479BE36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B256301B-9C6A-4BA6-8318-675C0EF4C316\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC33DAEE-8F51-404F-B5C4-B8A30B467E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FCDC66D-3BF5-4763-8877-38B0D3326E62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75772E28-BD93-4981-96FA-CDF41DAF65AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2415230E-4F66-4DDE-9E34-F685E8F4085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5121749D-3E19-4A9B-8C2D-84420A4E289B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E14DE44-69E6-4D0E-AD06-A829AFCDE528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D5B202D-D93D-4E33-BC9F-DA44B727C0B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC62D42-832D-4E6E-93D9-E7BA0CBC7799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D49F98-9A24-464A-8695-58218C14B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADFFE78D-90EC-46C6-B215-2EADD9E0D146\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6132108C-C344-4ABC-AF40-1925830A6723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8362D330-E286-4534-8560-B4B38E21767F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0496D60-BE45-45FF-B360-60E59443DB96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA2EA0D4-05B6-4500-9374-74BBDAB6001F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F16BDA03-BFAB-4839-A83A-370865928225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDC6F568-DB15-40BD-906B-A4ED4804C40A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB5A2E06-A98E-409C-9A90-460AF4CCF101\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DF66986-248A-4EE8-B60F-182C774A4066\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB8991F3-A5F5-41EE-8809-31E09BAC4DCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD371A76-9729-487E-AA15-775FFEBE3473\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7B30722-13DD-41C5-9CFA-0719B351CF46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"722BA04D-BA9B-427C-B129-06EFEC3F2859\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2891FF7D-E62E-47F4-8873-1E4066247348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A129110-60C1-46FC-9817-6E3802ADB389\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF52167B-1109-4E02-A02F-17465F4C47FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61536049-1C52-42E2-96DC-E5FF88BCC850\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2811F3BC-03F8-4781-8D01-BAAE1BDE8895\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C4D865-9641-4E28-935C-BDCBDB9C2CEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75CF8185-A8FC-4EEE-B937-34924834AB43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1561B7D-78BC-4910-85F4-113E84B97B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63DDF225-57D2-40E5-9BCA-672FBB3E2A6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04043E99-5F67-4FE9-89FC-695B981FBD5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD11753B-1993-4DE5-B172-AF4839B5620E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"711059F5-ACB3-4D2A-931F-BA1C4422FC8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DDB6C42-0837-462B-BE2B-11A81B43C590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EEAAF27-156A-40FF-ADBF-79D851E744AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB202677-DDC6-42D1-9A90-CD4A79198553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2C3EF02-B456-4506-94E8-5C41CB4FF69B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07502AA-E3E7-4143-B194-7C366CEA4A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97C554E8-62F4-4C73-821D-AB93D8EE841C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"061A0C84-B26C-4ED6-9771-8B7D29DB7053\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/30335\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30425\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31438\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200808-08.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:168\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/29309\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1569/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42528\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30335\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30425\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200808-08.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:168\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/29309\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1569/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42528\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable. OCSP protocol support was only implemented in upstream stunnel version 4.16.  Therefore OCSP protocol is not available in the versions of stunnel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\\n\\n\",\"lastModified\":\"2008-05-26T00:00:00\"}]}}"
  }
}

CERTFR-2018-AVI-184

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Junos Snapshot Administrator (JSNAPy) versions antérieures à 1.3.0
Juniper Networks	N/A	CentOS versions 6.5 antérieures à 2012.2R12
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier 8.2.0 antérieures à 8.2.0-R18
Juniper Networks	N/A	NorthStar Controller versions 3.2.x antérieures à 3.2.1
Juniper Networks	N/A	NorthStar Controller versions 3.0.x antérieures à 3.0.1
Juniper Networks	N/A	CTPOS versions antérieures à 7.3R4 ou 7.4R1
Juniper Networks	N/A	CTPView versions antérieures à 7.3R4 ou 7.4R2
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.3.0.x antérieures à 8.3.0-R11
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.4.1.x antérieures à 8.4.1-R5
Juniper Networks	N/A	NSM versions antérieures à 2012.2R14
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D50
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10K
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D76
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2
Juniper Networks	Junos OS	Junos OS versions 16.1X65 antérieures à 16.1X65-D47
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S5, 17.2R2
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D90
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S3, 17.2R2-S1, 17.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3 antérieures à 12.3R12-S7, 12.3R13
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D100
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S20, 15.1F6-S10, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130 sur SRX
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D65
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R1-S7, 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D131, 15.1X49-D140
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D35 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S6, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 16.1X70 antérieures à 16.1X70-D10
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66, 15.1X53-D233, 15.1X53-D471
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D58 on EX2300/EX3400
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D47
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S3, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 17.2X75 antérieures à 17.2X75-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233 on QFX5200/QFX5110
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 14.1 antérieures à 14.1R10, 14.1R9
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2-S5, 16.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D471 on NFX
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R2
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D66, 12.3X48-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D59
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S8, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D55
Juniper Networks	Junos OS	Junos OS versions 14.2 antérieures à 14.2R8

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10852 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10847 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10845 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10850 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10855 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10844 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10846 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10851 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10856 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10849 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10853 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10854 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10848 du 11 avril 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos Snapshot Administrator (JSNAPy) versions ant\u00e9rieures \u00e0 1.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CentOS versions 6.5 ant\u00e9rieures \u00e0 2012.2R12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier 8.2.0 ant\u00e9rieures \u00e0 8.2.0-R18",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.0.x ant\u00e9rieures \u00e0 3.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPOS versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.3.0.x ant\u00e9rieures \u00e0 8.3.0-R11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.4.1.x ant\u00e9rieures \u00e0 8.4.1-R5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NSM versions ant\u00e9rieures \u00e0 2012.2R14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D50",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10K",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D76",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S5, 17.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D90",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S3, 17.2R2-S1, 17.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7, 12.3R13",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D100",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S20, 15.1F6-S10, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D65",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R1-S7, 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D131, 15.1X49-D140",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D35 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S6, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X70 ant\u00e9rieures \u00e0 16.1X70-D10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66, 15.1X53-D233, 15.1X53-D471",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D58 on EX2300/EX3400",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S3, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233 on QFX5200/QFX5110",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R10, 14.1R9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2-S5, 16.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D471 on NFX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D66, 12.3X48-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D59",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S8, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-8767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
    },
    {
      "name": "CVE-2018-0020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0020"
    },
    {
      "name": "CVE-2016-5829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
    },
    {
      "name": "CVE-2016-0701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
    },
    {
      "name": "CVE-2015-8324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8324"
    },
    {
      "name": "CVE-2018-0017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0017"
    },
    {
      "name": "CVE-2013-4312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
    },
    {
      "name": "CVE-2018-0021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0021"
    },
    {
      "name": "CVE-2015-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5156"
    },
    {
      "name": "CVE-2013-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
    },
    {
      "name": "CVE-2016-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
    },
    {
      "name": "CVE-2017-1000385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
    },
    {
      "name": "CVE-2017-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
    },
    {
      "name": "CVE-2018-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0016"
    },
    {
      "name": "CVE-2016-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
    },
    {
      "name": "CVE-2014-7842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7842"
    },
    {
      "name": "CVE-2015-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3644"
    },
    {
      "name": "CVE-2016-2550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2550"
    },
    {
      "name": "CVE-2016-5696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
    },
    {
      "name": "CVE-2015-2925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2925"
    },
    {
      "name": "CVE-2018-0019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0019"
    },
    {
      "name": "CVE-2016-4565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
    },
    {
      "name": "CVE-2018-0022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0022"
    },
    {
      "name": "CVE-2014-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0016"
    },
    {
      "name": "CVE-2016-0774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0774"
    },
    {
      "name": "CVE-2015-7550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7550"
    },
    {
      "name": "CVE-2014-8134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2017-3732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
    },
    {
      "name": "CVE-2017-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
    },
    {
      "name": "CVE-2015-2080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2080"
    },
    {
      "name": "CVE-2017-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
    },
    {
      "name": "CVE-2015-8543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
    },
    {
      "name": "CVE-2015-3193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
    },
    {
      "name": "CVE-2017-3738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
    },
    {
      "name": "CVE-2015-7613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7613"
    },
    {
      "name": "CVE-2015-5157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5157"
    },
    {
      "name": "CVE-2008-2420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2420"
    },
    {
      "name": "CVE-2008-2400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2400"
    },
    {
      "name": "CVE-2018-0018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0018"
    },
    {
      "name": "CVE-2015-1805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
    },
    {
      "name": "CVE-2018-0023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0023"
    },
    {
      "name": "CVE-2010-5313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-5313"
    },
    {
      "name": "CVE-2015-7872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7872"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2143"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-184",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-04-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10852 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10852\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10847 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10847\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10845 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10845\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10850 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10850\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10855 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10855\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10844 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10844\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10846 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10846\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10851 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10856 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10856\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10849 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10849\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10853 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10853\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10854 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10854\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10848 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10848\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2018-AVI-184

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Junos Snapshot Administrator (JSNAPy) versions antérieures à 1.3.0
Juniper Networks	N/A	CentOS versions 6.5 antérieures à 2012.2R12
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier 8.2.0 antérieures à 8.2.0-R18
Juniper Networks	N/A	NorthStar Controller versions 3.2.x antérieures à 3.2.1
Juniper Networks	N/A	NorthStar Controller versions 3.0.x antérieures à 3.0.1
Juniper Networks	N/A	CTPOS versions antérieures à 7.3R4 ou 7.4R1
Juniper Networks	N/A	CTPView versions antérieures à 7.3R4 ou 7.4R2
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.3.0.x antérieures à 8.3.0-R11
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.4.1.x antérieures à 8.4.1-R5
Juniper Networks	N/A	NSM versions antérieures à 2012.2R14
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D50
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10K
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D76
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2
Juniper Networks	Junos OS	Junos OS versions 16.1X65 antérieures à 16.1X65-D47
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S5, 17.2R2
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D90
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S3, 17.2R2-S1, 17.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3 antérieures à 12.3R12-S7, 12.3R13
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D100
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S20, 15.1F6-S10, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130 sur SRX
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D65
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R1-S7, 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D131, 15.1X49-D140
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D35 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S6, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 16.1X70 antérieures à 16.1X70-D10
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66, 15.1X53-D233, 15.1X53-D471
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D58 on EX2300/EX3400
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D47
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S3, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 17.2X75 antérieures à 17.2X75-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233 on QFX5200/QFX5110
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 14.1 antérieures à 14.1R10, 14.1R9
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2-S5, 16.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D471 on NFX
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R2
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D66, 12.3X48-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D59
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S8, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D55
Juniper Networks	Junos OS	Junos OS versions 14.2 antérieures à 14.2R8

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10852 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10847 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10845 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10850 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10855 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10844 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10846 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10851 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10856 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10849 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10853 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10854 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10848 du 11 avril 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos Snapshot Administrator (JSNAPy) versions ant\u00e9rieures \u00e0 1.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CentOS versions 6.5 ant\u00e9rieures \u00e0 2012.2R12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier 8.2.0 ant\u00e9rieures \u00e0 8.2.0-R18",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.0.x ant\u00e9rieures \u00e0 3.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPOS versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.3.0.x ant\u00e9rieures \u00e0 8.3.0-R11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.4.1.x ant\u00e9rieures \u00e0 8.4.1-R5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NSM versions ant\u00e9rieures \u00e0 2012.2R14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D50",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10K",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D76",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S5, 17.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D90",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S3, 17.2R2-S1, 17.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7, 12.3R13",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D100",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S20, 15.1F6-S10, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D65",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R1-S7, 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D131, 15.1X49-D140",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D35 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S6, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X70 ant\u00e9rieures \u00e0 16.1X70-D10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66, 15.1X53-D233, 15.1X53-D471",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D58 on EX2300/EX3400",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S3, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233 on QFX5200/QFX5110",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R10, 14.1R9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2-S5, 16.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D471 on NFX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D66, 12.3X48-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D59",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S8, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-8767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
    },
    {
      "name": "CVE-2018-0020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0020"
    },
    {
      "name": "CVE-2016-5829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
    },
    {
      "name": "CVE-2016-0701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
    },
    {
      "name": "CVE-2015-8324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8324"
    },
    {
      "name": "CVE-2018-0017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0017"
    },
    {
      "name": "CVE-2013-4312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
    },
    {
      "name": "CVE-2018-0021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0021"
    },
    {
      "name": "CVE-2015-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5156"
    },
    {
      "name": "CVE-2013-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
    },
    {
      "name": "CVE-2016-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
    },
    {
      "name": "CVE-2017-1000385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
    },
    {
      "name": "CVE-2017-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
    },
    {
      "name": "CVE-2018-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0016"
    },
    {
      "name": "CVE-2016-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
    },
    {
      "name": "CVE-2014-7842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7842"
    },
    {
      "name": "CVE-2015-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3644"
    },
    {
      "name": "CVE-2016-2550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2550"
    },
    {
      "name": "CVE-2016-5696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
    },
    {
      "name": "CVE-2015-2925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2925"
    },
    {
      "name": "CVE-2018-0019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0019"
    },
    {
      "name": "CVE-2016-4565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
    },
    {
      "name": "CVE-2018-0022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0022"
    },
    {
      "name": "CVE-2014-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0016"
    },
    {
      "name": "CVE-2016-0774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0774"
    },
    {
      "name": "CVE-2015-7550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7550"
    },
    {
      "name": "CVE-2014-8134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2017-3732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
    },
    {
      "name": "CVE-2017-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
    },
    {
      "name": "CVE-2015-2080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2080"
    },
    {
      "name": "CVE-2017-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
    },
    {
      "name": "CVE-2015-8543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
    },
    {
      "name": "CVE-2015-3193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
    },
    {
      "name": "CVE-2017-3738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
    },
    {
      "name": "CVE-2015-7613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7613"
    },
    {
      "name": "CVE-2015-5157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5157"
    },
    {
      "name": "CVE-2008-2420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2420"
    },
    {
      "name": "CVE-2008-2400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2400"
    },
    {
      "name": "CVE-2018-0018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0018"
    },
    {
      "name": "CVE-2015-1805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
    },
    {
      "name": "CVE-2018-0023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0023"
    },
    {
      "name": "CVE-2010-5313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-5313"
    },
    {
      "name": "CVE-2015-7872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7872"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2143"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-184",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-04-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10852 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10852\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10847 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10847\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10845 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10845\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10850 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10850\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10855 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10855\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10844 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10844\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10846 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10846\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10851 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10856 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10856\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10849 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10849\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10853 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10853\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10854 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10854\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10848 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10848\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GHSA-7266-WH6X-6JJW

Vulnerability from github – Published: 2022-05-01 23:49 – Updated: 2022-05-01 23:49

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2420"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-05-23T15:32:00Z",
    "severity": "MODERATE"
  },
  "details": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.",
  "id": "GHSA-7266-wh6x-6jjw",
  "modified": "2022-05-01T23:49:57Z",
  "published": "2022-05-01T23:49:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2420"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30335"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30425"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31438"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
    },
    {
      "type": "WEB",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29309"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1569/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2008-2420

Vulnerability from fkie_nvd - Published: 2008-05-23 15:32 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30335	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/30425
cve@mitre.org	http://secunia.com/advisories/31438
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200808-08.xml
cve@mitre.org	http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:168
cve@mitre.org	http://www.securityfocus.com/bid/29309	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1569/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42528
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30335	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30425
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31438
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200808-08.xml
af854a3a-2127-422b-91ae-364da2661108	http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:168
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29309	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1569/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42528
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html

Impacted products

Vendor	Product	Version
stunnel	stunnel	3.4a
stunnel	stunnel	3.5
stunnel	stunnel	3.6
stunnel	stunnel	3.7
stunnel	stunnel	3.8
stunnel	stunnel	3.8p1
stunnel	stunnel	3.8p2
stunnel	stunnel	3.8p3
stunnel	stunnel	3.8p4
stunnel	stunnel	3.9
stunnel	stunnel	3.10
stunnel	stunnel	3.11
stunnel	stunnel	3.12
stunnel	stunnel	3.13
stunnel	stunnel	3.14
stunnel	stunnel	3.15
stunnel	stunnel	3.16
stunnel	stunnel	3.17
stunnel	stunnel	3.18
stunnel	stunnel	3.19
stunnel	stunnel	3.20
stunnel	stunnel	3.21
stunnel	stunnel	3.21a
stunnel	stunnel	3.21b
stunnel	stunnel	3.21c
stunnel	stunnel	3.22
stunnel	stunnel	3.23
stunnel	stunnel	3.24
stunnel	stunnel	3.25
stunnel	stunnel	3.26
stunnel	stunnel	4.00
stunnel	stunnel	4.01
stunnel	stunnel	4.02
stunnel	stunnel	4.03
stunnel	stunnel	4.04
stunnel	stunnel	4.05
stunnel	stunnel	4.06
stunnel	stunnel	4.07
stunnel	stunnel	4.08
stunnel	stunnel	4.09
stunnel	stunnel	4.10
stunnel	stunnel	4.11
stunnel	stunnel	4.12
stunnel	stunnel	4.13
stunnel	stunnel	4.14
stunnel	stunnel	4.15
stunnel	stunnel	4.16
stunnel	stunnel	4.17
stunnel	stunnel	4.18
stunnel	stunnel	4.19
stunnel	stunnel	4.20
stunnel	stunnel	4.21
stunnel	stunnel	4.22
stunnel	stunnel	4.23

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F317B556-717B-46B9-A81E-63FC61723B72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AEA6DC-1A98-433F-B916-597395D5914A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB24165B-92FD-48BA-94C3-87A922DDC6E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B04F4BE4-34DE-4B8A-A1F1-32D12D33A5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A04CF19D-9C30-4433-A5E2-F3949479BE36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDC6F568-DB15-40BD-906B-A4ED4804C40A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF66986-248A-4EE8-B60F-182C774A4066",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB8991F3-A5F5-41EE-8809-31E09BAC4DCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD371A76-9729-487E-AA15-775FFEBE3473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF52167B-1109-4E02-A02F-17465F4C47FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "61536049-1C52-42E2-96DC-E5FF88BCC850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "2811F3BC-03F8-4781-8D01-BAAE1BDE8895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "82C4D865-9641-4E28-935C-BDCBDB9C2CEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "75CF8185-A8FC-4EEE-B937-34924834AB43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1561B7D-78BC-4910-85F4-113E84B97B3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "63DDF225-57D2-40E5-9BCA-672FBB3E2A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04043E99-5F67-4FE9-89FC-695B981FBD5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD11753B-1993-4DE5-B172-AF4839B5620E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "711059F5-ACB3-4D2A-931F-BA1C4422FC8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DDB6C42-0837-462B-BE2B-11A81B43C590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EEAAF27-156A-40FF-ADBF-79D851E744AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB202677-DDC6-42D1-9A90-CD4A79198553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2C3EF02-B456-4506-94E8-5C41CB4FF69B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "061A0C84-B26C-4ED6-9771-8B7D29DB7053",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en la funcionalidad OCSP en stunnel anteriores a 4.24 no busca de forma adecuada la lista de revocaci\u00f3n de certificado (CRL), que permite a atacantes remotos intentar saltarse las restricciones de acceso utilizando certificados revocados.\r\n"
    }
  ],
  "id": "CVE-2008-2420",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-23T15:32:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30335"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30425"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31438"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29309"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1569/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1569/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. OCSP protocol support was only implemented in upstream stunnel version 4.16.  Therefore OCSP protocol is not available in the versions of stunnel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n\n",
      "lastModified": "2008-05-26T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2008-2420

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-2420

Aliases

CVE-2008-2420

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2420",
    "description": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.",
    "id": "GSD-2008-2420",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-2420.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2420"
      ],
      "details": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.",
      "id": "GSD-2008-2420",
      "modified": "2023-12-13T01:23:00.383197Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-2420",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "30425",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30425"
          },
          {
            "name": "stunnel-ocsp-security-bypass(42528)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
          },
          {
            "name": "FEDORA-2008-4606",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
          },
          {
            "name": "ADV-2008-1569",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1569/references"
          },
          {
            "name": "30335",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30335"
          },
          {
            "name": "31438",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31438"
          },
          {
            "name": "FEDORA-2008-4531",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
          },
          {
            "name": "MDVSA-2008:168",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
          },
          {
            "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
            "refsource": "MLIST",
            "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
          },
          {
            "name": "FEDORA-2008-4579",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
          },
          {
            "name": "GLSA-200808-08",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
          },
          {
            "name": "29309",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/29309"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8p2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8p3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8p1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8p4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2420"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[stunnel-announce] 20080519 stunnel 4.24 released",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000035.html"
            },
            {
              "name": "29309",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/29309"
            },
            {
              "name": "30335",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30335"
            },
            {
              "name": "FEDORA-2008-4531",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00856.html"
            },
            {
              "name": "FEDORA-2008-4579",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00907.html"
            },
            {
              "name": "FEDORA-2008-4606",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00942.html"
            },
            {
              "name": "30425",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30425"
            },
            {
              "name": "31438",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31438"
            },
            {
              "name": "GLSA-200808-08",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-200808-08.xml"
            },
            {
              "name": "MDVSA-2008:168",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:168"
            },
            {
              "name": "ADV-2008-1569",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1569/references"
            },
            {
              "name": "stunnel-ocsp-security-bypass(42528)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42528"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:31Z",
      "publishedDate": "2008-05-23T15:32Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-2420 (GCVE-0-2008-2420)

CERTFR-2018-AVI-184

Solution

CERTFR-2018-AVI-184

Solution

GHSA-7266-WH6X-6JJW

FKIE_CVE-2008-2420

GSD-2008-2420

Tags

Sightings

Nomenclature