CNVD-2019-13843

Vulnerability from cnvd - Published: 2019-05-13
VLAI Severity ?
Title
Juniper Networks SRX340和Juniper Networks SRX345 Junos OS资源管理错误漏洞
Description
Juniper Networks SRX340和Juniper Networks SRX345都是美国瞻博网络(Juniper Networks)公司的产品。Juniper Networks SRX340是一款340系列安全服务网关设备。Juniper Networks SRX345是一款345系列安全服务网关设备。Junos OS是一套专用于该公司的硬件设备的网络操作系统。 Juniper Networks SRX340和SRX345中的Junos OS存在安全漏洞。攻击者可借助特制的数据包利用该漏洞造成拒绝服务(缓冲区空间耗尽)。
Severity
Patch Name
Juniper Networks SRX340和Juniper Networks SRX345 Junos OS资源管理错误漏洞的补丁
Patch Description
Juniper Networks SRX340和Juniper Networks SRX345都是美国瞻博网络(Juniper Networks)公司的产品。Juniper Networks SRX340是一款340系列安全服务网关设备。Juniper Networks SRX345是一款345系列安全服务网关设备。Junos OS是一套专用于该公司的硬件设备的网络操作系统。 Juniper Networks SRX340和SRX345中的Junos OS存在安全漏洞。攻击者可借助特制的数据包利用该漏洞造成拒绝服务(缓冲区空间耗尽)。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

厂商已发布了漏洞修复程序,请及时关注更新: https://kb.juniper.net/InfoCenter/index?page=content&id;=JSA10927&actp;=METADATA

Reference
https://kb.juniper.net/JSA10927
Impacted products
Name
['Juniper Networks Junos OS 15.1X49', 'Juniper Networks Junos OS 17.3', 'Juniper Networks Junos OS 17.4', 'Juniper Networks Junos OS 18.1', 'Juniper Networks Junos OS 18.2', 'Juniper Networks Junos OS 18.3']
Show details on source website
To clipboard 

{
  "bids": {
    "bid": {
      "bidNumber": "107873"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-0038"
    }
  },
  "description": "Juniper Networks SRX340\u548cJuniper Networks SRX345\u90fd\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Juniper Networks SRX340\u662f\u4e00\u6b3e340\u7cfb\u5217\u5b89\u5168\u670d\u52a1\u7f51\u5173\u8bbe\u5907\u3002Juniper Networks SRX345\u662f\u4e00\u6b3e345\u7cfb\u5217\u5b89\u5168\u670d\u52a1\u7f51\u5173\u8bbe\u5907\u3002Junos OS\u662f\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nJuniper Networks SRX340\u548cSRX345\u4e2d\u7684Junos OS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u7f13\u51b2\u533a\u7a7a\u95f4\u8017\u5c3d\uff09\u3002",
  "discovererName": "Juniper Networks",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id;=JSA10927\u0026actp;=METADATA",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-13843",
  "openTime": "2019-05-13",
  "patchDescription": "Juniper Networks SRX340\u548cJuniper Networks SRX345\u90fd\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Juniper Networks SRX340\u662f\u4e00\u6b3e340\u7cfb\u5217\u5b89\u5168\u670d\u52a1\u7f51\u5173\u8bbe\u5907\u3002Juniper Networks SRX345\u662f\u4e00\u6b3e345\u7cfb\u5217\u5b89\u5168\u670d\u52a1\u7f51\u5173\u8bbe\u5907\u3002Junos OS\u662f\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nJuniper Networks SRX340\u548cSRX345\u4e2d\u7684Junos OS\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u7f13\u51b2\u533a\u7a7a\u95f4\u8017\u5c3d\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Networks SRX340\u548cJuniper Networks SRX345 Junos OS\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Juniper Networks Junos OS 15.1X49",
      "Juniper Networks Junos OS 17.3",
      "Juniper Networks Junos OS 17.4",
      "Juniper Networks Junos OS 18.1",
      "Juniper Networks Junos OS 18.2",
      "Juniper Networks Junos OS 18.3"
    ]
  },
  "referenceLink": "https://kb.juniper.net/JSA10927",
  "serverity": "\u4e2d",
  "submitTime": "2019-04-12",
  "title": "Juniper Networks SRX340\u548cJuniper Networks SRX345 Junos OS\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.