CVE-2019-0015 (GCVE-0-2019-0015)

Vulnerability from cvelistv5 – Published: 2019-01-15 21:00 – Updated: 2024-09-16 19:20
VLAI?
Summary
A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2.
Severity ?
5.4 (Medium)
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CWE
  • Unauthorized access
Assigner
References
http://www.securityfocus.com/bid/106668 vdb-entryx_refsource_BID
https://kb.juniper.net/JSA10915 x_refsource_CONFIRM
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 12.3X48 , < 12.3X48-D75 (custom)
Affected: 15.1X49 , < 15.1X49-D150 (custom)
Affected: 17.3 , < 17.3R3 (custom)
Affected: 17.4 , < 17.4R2 (custom)
Affected: 18.1 , < 18.1R3 (custom)
Affected: 18.2 , < 18.2R2 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "106668",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106668"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10915"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "12.3X48-D75",
              "status": "affected",
              "version": "12.3X48",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X49-D150",
              "status": "affected",
              "version": "15.1X49",
              "versionType": "custom"
            },
            {
              "lessThan": "17.3R3",
              "status": "affected",
              "version": "17.3",
              "versionType": "custom"
            },
            {
              "lessThan": "17.4R2",
              "status": "affected",
              "version": "17.4",
              "versionType": "custom"
            },
            {
              "lessThan": "18.1R3",
              "status": "affected",
              "version": "18.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2R2",
              "status": "affected",
              "version": "18.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "Sample configuration:\n\n  user@host# show security dynamic-vpn\n  access-profile dyn-vpn-access-profile;\n  clients {\n  \tgrp {\n  \t\tuser {\n  \t\t\tclient1;\n  \t\t}\n  \t}\n  }"
        }
      ],
      "datePublic": "2019-01-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Unauthorized access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-23T10:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "name": "106668",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106668"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10915"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: Junos OS 12.3X48-D75, 15.1X49-D150, 17.3R3, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10915",
        "defect": [
          "1360111",
          "1350867"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no viable workarounds for this issue."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
          "ID": "CVE-2019-0015",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.3X48",
                            "version_value": "12.3X48-D75"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X49",
                            "version_value": "15.1X49-D150"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "17.3",
                            "version_value": "17.3R3"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "17.4",
                            "version_value": "17.4R2"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.1",
                            "version_value": "18.1R3"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "Sample configuration:\n\n  user@host# show security dynamic-vpn\n  access-profile dyn-vpn-access-profile;\n  clients {\n  \tgrp {\n  \t\tuser {\n  \t\t\tclient1;\n  \t\t}\n  \t}\n  }"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Unauthorized access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "106668",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106668"
            },
            {
              "name": "https://kb.juniper.net/JSA10915",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10915"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: Junos OS 12.3X48-D75, 15.1X49-D150, 17.3R3, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10915",
          "defect": [
            "1360111",
            "1350867"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2019-0015",
    "datePublished": "2019-01-15T21:00:00Z",
    "dateReserved": "2018-10-11T00:00:00",
    "dateUpdated": "2024-09-16T19:20:13.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC1FED64-8725-4978-9EBF-E3CD8EF338E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d100:*:*:*:*:*:*\", \"matchCriteriaId\": \"40FCCE73-C94E-4A0B-B056-8D323C64B425\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4AC2E1E-74FB-4DA3-8292-B2079F83FF54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FF83BD0-3B28-481E-8C8F-09ECDA493DA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E296274-AFC1-4F56-A4B3-827C2E0BC9D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C82799B-BD25-4359-9E3D-4D7CA7367525\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"094485FF-960C-4533-A2AF-6C4D420D260D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8BE3661-1DE5-4F57-9384-68C1B34F6812\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6C694C6-C58C-4513-91E8-6CC22A2386E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*\", \"matchCriteriaId\": \"64A0CCD4-91BA-440E-A14C-48E67D1F03A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B65EF51-ED97-4973-94C4-8F66C553F190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EE7C08A-2A4B-4A84-AD95-A890913E2EE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C61900-680C-4C74-8B96-ACC93FE9465E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d66:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A793CCD-397E-45DA-9349-D01C69AB96D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6C38637-ABE0-419A-A053-CBE076766551\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"27A6BF09-ABBF-4126-ADD6-B174937F8554\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\", \"matchCriteriaId\": \"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*\", \"matchCriteriaId\": \"8830C4BC-2B3D-4CCF-A37E-79C2D46159BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d131:*:*:*:*:*:*\", \"matchCriteriaId\": \"40D42ACF-860C-4B47-8E25-7DEC30FB8064\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*\", \"matchCriteriaId\": \"C808E08F-1992-43DD-A106-E920DC784831\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8C94365-988C-4A14-8E49-846152FDC666\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"18468579-0195-4DDE-BAA5-4BE4068F3A69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d25:*:*:*:*:*:*\", \"matchCriteriaId\": \"6825F6BA-B48F-4E02-938F-6B297E21BA07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"870244F3-1C05-4F10-A205-5189BB860F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"235EE40B-AA15-4F39-8087-A051F4F70995\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"17330544-3AFC-463E-A146-2840A8AE17D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"884E4A85-ED42-4391-9FDD-9052F957743A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"1901864B-688B-4352-A587-4B96B4E49FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B6670FB-9F5A-469B-97F2-074C28572065\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\", \"matchCriteriaId\": \"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\", \"matchCriteriaId\": \"4323D874-C317-4D76-8E2D-C82376D84CBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\", \"matchCriteriaId\": \"F56067DA-EBA9-481A-B60B-52148584EFBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A283D32F-1CAF-4A5A-83E1-585F2801771F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"38A40E03-F915-4888-87B0-5950F75F097D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C52E355B-DA7D-4FDE-B2D7-A3C3C9C99918\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"267A3603-BC18-442E-803A-4CAEB6493433\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"32F83E8B-A816-4F26-95F8-F0DA7F3DF426\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C433359-BC8B-4E69-BE74-A31EB148083A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCA2976C-C84B-40D9-A806-588629BFFB13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2C7B980-033E-40AC-98C9-B252733B0F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA8D32E4-1892-46DC-9782-5466A14E18D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A00CA6FB-8F28-4171-B510-8DBA351E80C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"988D317A-0646-491F-9B97-853E8E208276\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"605F1AD7-5B09-44F0-9017-15AB3EEE559C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF3F9F86-166F-45E4-92B7-3DD3B06199F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E4EB6B0-8DB2-4199-96E4-30195D49F756\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"204FC7B5-9CF2-4AC2-9B8D-DA48CAEA6496\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D8A8E33-473A-4A40-A7B7-47086BB9012A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0F65DCA-34B9-4CE8-91C9-426AAAEB4097\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DFDD907-5305-4602-8A9C-685AA112C342\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D24FDED-D8BE-4C7E-8F0E-91901FC66A84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0A756E2-C320-405A-B24F-7C5022649E5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"84F5BCBA-404B-4BC9-B363-CE6D231B0D6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18A4CA3E-DA61-49CC-8476-3A476CCB2B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7380B3E-09F5-4497-86C6-11EF56BD89F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r:*:*:*:*:*:*\", \"matchCriteriaId\": \"9359A058-6B77-4DEE-B28A-D5CD906EBAFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"167EEC4F-729E-47C2-B0F8-E8108CE3E985\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*\", \"matchCriteriaId\": \"90BF177D-A895-4D05-B674-B27420A5DC6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0070B31B-59DC-46E9-93E0-1E8BF3560BFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"42203801-E2E7-4DCF-ABBB-D23A91B2A9FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"238EC996-8E8C-4332-916F-09E54E6EBB9D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD647C15-A686-4C8F-A766-BC29404C0FED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB1622-1AED-4CD7-98F1-67779CDFC321\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89276D88-3B8D-4168-A2CD-0920297485F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"746C3882-2A5B-4215-B259-EB1FD60C513D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06A03463-6B1D-4DBA-9E89-CAD5E899B98B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62FC145A-D477-4C86-89E7-F70F52773801\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F474D4-79B6-4525-983C-9A9011BD958B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el Service Gateway de la serie SRX permite que los usuarios VPN din\\u00e1micos eliminados establezcan conexiones VPN din\\u00e1micas hasta que se reinicie el dispositivo. Se deber\\u00eda prohibir que una conexi\\u00f3n VPN din\\u00e1mica eliminada establezca nuevas conexiones VPN. Debido a un error en el cacheo de tokens, los usuarios eliminados pueden conectarse una vez se establezca una conexi\\u00f3n VPN din\\u00e1mica previamente exitosa. Se requiere un reinicio para limpiar el token de autenticaci\\u00f3n en cach\\u00e9. Las versiones afectadas son Juniper Networks SRX Series: 12.3X48 en versiones anteriores a la 12.3X48-D75; 15.1X49 en versiones anteriores a la 15.1X49-D150; 17.3 en versiones anteriores a la 17.3R3; 17.4 en versiones anteriores a la 17.4R2; 18.1 en versiones anteriores a la 18.1R3; 18.2 en versiones anteriores a la 18.2R2.\"}]",
      "id": "CVE-2019-0015",
      "lastModified": "2024-11-21T04:16:03.273",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}], \"cvssMetricV30\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:N\", \"baseScore\": 5.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-01-15T21:29:01.417",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/106668\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10915\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106668\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10915\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-613\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-0015\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2019-01-15T21:29:01.417\",\"lastModified\":\"2024-11-21T04:16:03.273\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el Service Gateway de la serie SRX permite que los usuarios VPN din\u00e1micos eliminados establezcan conexiones VPN din\u00e1micas hasta que se reinicie el dispositivo. Se deber\u00eda prohibir que una conexi\u00f3n VPN din\u00e1mica eliminada establezca nuevas conexiones VPN. Debido a un error en el cacheo de tokens, los usuarios eliminados pueden conectarse una vez se establezca una conexi\u00f3n VPN din\u00e1mica previamente exitosa. Se requiere un reinicio para limpiar el token de autenticaci\u00f3n en cach\u00e9. Las versiones afectadas son Juniper Networks SRX Series: 12.3X48 en versiones anteriores a la 12.3X48-D75; 15.1X49 en versiones anteriores a la 15.1X49-D150; 17.3 en versiones anteriores a la 17.3R3; 17.4 en versiones anteriores a la 17.4R2; 18.1 en versiones anteriores a la 18.1R3; 18.2 en versiones anteriores a la 18.2R2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}],\"cvssMetricV30\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:N\",\"baseScore\":5.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-613\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC1FED64-8725-4978-9EBF-E3CD8EF338E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d100:*:*:*:*:*:*\",\"matchCriteriaId\":\"40FCCE73-C94E-4A0B-B056-8D323C64B425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4AC2E1E-74FB-4DA3-8292-B2079F83FF54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FF83BD0-3B28-481E-8C8F-09ECDA493DA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E296274-AFC1-4F56-A4B3-827C2E0BC9D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C82799B-BD25-4359-9E3D-4D7CA7367525\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"094485FF-960C-4533-A2AF-6C4D420D260D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BE3661-1DE5-4F57-9384-68C1B34F6812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6C694C6-C58C-4513-91E8-6CC22A2386E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*\",\"matchCriteriaId\":\"64A0CCD4-91BA-440E-A14C-48E67D1F03A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B65EF51-ED97-4973-94C4-8F66C553F190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE7C08A-2A4B-4A84-AD95-A890913E2EE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C61900-680C-4C74-8B96-ACC93FE9465E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d66:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A793CCD-397E-45DA-9349-D01C69AB96D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6C38637-ABE0-419A-A053-CBE076766551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A6BF09-ABBF-4126-ADD6-B174937F8554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\",\"matchCriteriaId\":\"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*\",\"matchCriteriaId\":\"8830C4BC-2B3D-4CCF-A37E-79C2D46159BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d131:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D42ACF-860C-4B47-8E25-7DEC30FB8064\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*\",\"matchCriteriaId\":\"C808E08F-1992-43DD-A106-E920DC784831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8C94365-988C-4A14-8E49-846152FDC666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"18468579-0195-4DDE-BAA5-4BE4068F3A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"6825F6BA-B48F-4E02-938F-6B297E21BA07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"870244F3-1C05-4F10-A205-5189BB860F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"235EE40B-AA15-4F39-8087-A051F4F70995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"17330544-3AFC-463E-A146-2840A8AE17D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"884E4A85-ED42-4391-9FDD-9052F957743A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"1901864B-688B-4352-A587-4B96B4E49FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B6670FB-9F5A-469B-97F2-074C28572065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\",\"matchCriteriaId\":\"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\",\"matchCriteriaId\":\"4323D874-C317-4D76-8E2D-C82376D84CBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56067DA-EBA9-481A-B60B-52148584EFBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A283D32F-1CAF-4A5A-83E1-585F2801771F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38A40E03-F915-4888-87B0-5950F75F097D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C52E355B-DA7D-4FDE-B2D7-A3C3C9C99918\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"267A3603-BC18-442E-803A-4CAEB6493433\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F83E8B-A816-4F26-95F8-F0DA7F3DF426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C433359-BC8B-4E69-BE74-A31EB148083A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCA2976C-C84B-40D9-A806-588629BFFB13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2C7B980-033E-40AC-98C9-B252733B0F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA8D32E4-1892-46DC-9782-5466A14E18D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A00CA6FB-8F28-4171-B510-8DBA351E80C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"988D317A-0646-491F-9B97-853E8E208276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"605F1AD7-5B09-44F0-9017-15AB3EEE559C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF3F9F86-166F-45E4-92B7-3DD3B06199F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E4EB6B0-8DB2-4199-96E4-30195D49F756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"204FC7B5-9CF2-4AC2-9B8D-DA48CAEA6496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8A8E33-473A-4A40-A7B7-47086BB9012A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F65DCA-34B9-4CE8-91C9-426AAAEB4097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DFDD907-5305-4602-8A9C-685AA112C342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D24FDED-D8BE-4C7E-8F0E-91901FC66A84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A756E2-C320-405A-B24F-7C5022649E5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"84F5BCBA-404B-4BC9-B363-CE6D231B0D6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18A4CA3E-DA61-49CC-8476-3A476CCB2B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7380B3E-09F5-4497-86C6-11EF56BD89F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r:*:*:*:*:*:*\",\"matchCriteriaId\":\"9359A058-6B77-4DEE-B28A-D5CD906EBAFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"167EEC4F-729E-47C2-B0F8-E8108CE3E985\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*\",\"matchCriteriaId\":\"90BF177D-A895-4D05-B674-B27420A5DC6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0070B31B-59DC-46E9-93E0-1E8BF3560BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"42203801-E2E7-4DCF-ABBB-D23A91B2A9FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"238EC996-8E8C-4332-916F-09E54E6EBB9D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A03463-6B1D-4DBA-9E89-CAD5E899B98B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106668\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10915\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106668\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10915\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.