cvelistv5 - cve-2008-2400

CVE-2008-2400 (GCVE-0-2008-2400)

Vulnerability from cvelistv5 – Published: 2008-05-22 10:00 – Updated: 2024-08-07 08:58

Summary

Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/29285	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2008/1568…	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/30297	third-party-advisoryx_refsource_SECUNIA
	http://stunnel.mirt.net/pipermail/stunnel-announc…	mailing-listx_refsource_MLIST
	http://www.securitytracker.com/id?1020049	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:58:02.235Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "29285",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29285"
          },
          {
            "name": "ADV-2008-1568",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1568/references"
          },
          {
            "name": "30297",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30297"
          },
          {
            "name": "[stunnel-announce] 20080503 stunnel 4.23 released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
          },
          {
            "name": "1020049",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020049"
          },
          {
            "name": "stunnel-windows-privilege-escalation(42526)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-05-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "29285",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29285"
        },
        {
          "name": "ADV-2008-1568",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1568/references"
        },
        {
          "name": "30297",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30297"
        },
        {
          "name": "[stunnel-announce] 20080503 stunnel 4.23 released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
        },
        {
          "name": "1020049",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020049"
        },
        {
          "name": "stunnel-windows-privilege-escalation(42526)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2400",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "29285",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29285"
            },
            {
              "name": "ADV-2008-1568",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1568/references"
            },
            {
              "name": "30297",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30297"
            },
            {
              "name": "[stunnel-announce] 20080503 stunnel 4.23 released",
              "refsource": "MLIST",
              "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
            },
            {
              "name": "1020049",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020049"
            },
            {
              "name": "stunnel-windows-privilege-escalation(42526)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2400",
    "datePublished": "2008-05-22T10:00:00",
    "dateReserved": "2008-05-22T00:00:00",
    "dateUpdated": "2024-08-07T08:58:02.235Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E27CAA87-6971-4CFB-8299-931952B5157D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"579E37FC-51E6-4ECA-B05F-F4468772496B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B56E5F0-6FFC-4188-AF11-F7583253F56E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8797A96C-B660-45DC-B218-38B8DB85B451\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B01D02DC-F570-47CE-AC1B-37DFEC9C1A28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B283AD3E-A27E-4B76-BEA8-05334DBF0A88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69F0D8C8-3BCE-4AF7-953B-CEA2633E4179\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"503A7976-C3A6-447A-9531-0DB699C4A625\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BAFC4E2-FDB5-489C-B9C3-DF13A5186FA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D60C3DB-4185-484A-8275-D3541A40C046\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FB236EF-0F97-4656-AB49-1D7829A63FEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3073CCF6-5312-4FB2-AA43-D3B285EE32C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E5FD63-32E3-4C40-A55C-B70546FDD866\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B6444AC-588D-4154-B78E-3EB34129F1BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC36154E-6006-45BB-A7CB-5293195602CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:*\", \"matchCriteriaId\": \"12C931B9-DDBE-4E94-8361-6A4D55886CF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EBE0C35-0FB9-44D6-8FA2-8712A2BF9A60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FFA8AD2-CAE2-4818-9D0C-0C32E62F3A59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CA2A0A-B7DE-49DD-940D-C19801CF5D55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D68D250-CA5B-4311-AF3C-48605948A067\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E4A0103-713D-4E56-B32F-EB1649F26EE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D009335-E83C-4B35-ADB0-CBD6B82C0EA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F317B556-717B-46B9-A81E-63FC61723B72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"400FE849-D547-44DE-B06F-5B68E5B20E07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0845ED5-9C1A-4F1F-B6E5-AAF8B6893A28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A23EB22-BD30-4FA3-9BAA-0B4B65C49F81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EB00100-8EF0-463E-9C17-05525B7B5852\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"466B14A9-B16C-41F3-B2A0-C3194A6D1C1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B256301B-9C6A-4BA6-8318-675C0EF4C316\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC33DAEE-8F51-404F-B5C4-B8A30B467E94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FCDC66D-3BF5-4763-8877-38B0D3326E62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75772E28-BD93-4981-96FA-CDF41DAF65AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2415230E-4F66-4DDE-9E34-F685E8F4085A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5121749D-3E19-4A9B-8C2D-84420A4E289B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E14DE44-69E6-4D0E-AD06-A829AFCDE528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D5B202D-D93D-4E33-BC9F-DA44B727C0B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC62D42-832D-4E6E-93D9-E7BA0CBC7799\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5D49F98-9A24-464A-8695-58218C14B3DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADFFE78D-90EC-46C6-B215-2EADD9E0D146\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6132108C-C344-4ABC-AF40-1925830A6723\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8362D330-E286-4534-8560-B4B38E21767F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0496D60-BE45-45FF-B360-60E59443DB96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA2EA0D4-05B6-4500-9374-74BBDAB6001F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F16BDA03-BFAB-4839-A83A-370865928225\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB5A2E06-A98E-409C-9A90-460AF4CCF101\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FC396CE-FDA7-480C-9E94-1A26B7FB208E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7B30722-13DD-41C5-9CFA-0719B351CF46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"722BA04D-BA9B-427C-B129-06EFEC3F2859\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2891FF7D-E62E-47F4-8873-1E4066247348\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A129110-60C1-46FC-9817-6E3802ADB389\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF52167B-1109-4E02-A02F-17465F4C47FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61536049-1C52-42E2-96DC-E5FF88BCC850\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2811F3BC-03F8-4781-8D01-BAAE1BDE8895\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82C4D865-9641-4E28-935C-BDCBDB9C2CEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75CF8185-A8FC-4EEE-B937-34924834AB43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1561B7D-78BC-4910-85F4-113E84B97B3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63DDF225-57D2-40E5-9BCA-672FBB3E2A6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04043E99-5F67-4FE9-89FC-695B981FBD5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD11753B-1993-4DE5-B172-AF4839B5620E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"711059F5-ACB3-4D2A-931F-BA1C4422FC8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DDB6C42-0837-462B-BE2B-11A81B43C590\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EEAAF27-156A-40FF-ADBF-79D851E744AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB202677-DDC6-42D1-9A90-CD4A79198553\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2C3EF02-B456-4506-94E8-5C41CB4FF69B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B07502AA-E3E7-4143-B194-7C366CEA4A28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97C554E8-62F4-4C73-821D-AB93D8EE841C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad sin especificar en stunnel anterior a 4.23, cuando es ejecutado como un servicio en Windows, permite a usuarios locales obtener privilegios a trav\\u00e9s de vectores de ataque desconocidos.\"}]",
      "id": "CVE-2008-2400",
      "lastModified": "2024-11-21T00:46:47.990",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": true, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-05-22T13:09:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/30297\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/29285\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1020049\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1568/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42526\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/30297\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/29285\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1020049\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1568/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42526\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-2400\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-05-22T13:09:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad sin especificar en stunnel anterior a 4.23, cuando es ejecutado como un servicio en Windows, permite a usuarios locales obtener privilegios a trav\u00e9s de vectores de ataque desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":true,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E27CAA87-6971-4CFB-8299-931952B5157D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"579E37FC-51E6-4ECA-B05F-F4468772496B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B56E5F0-6FFC-4188-AF11-F7583253F56E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8797A96C-B660-45DC-B218-38B8DB85B451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B01D02DC-F570-47CE-AC1B-37DFEC9C1A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B283AD3E-A27E-4B76-BEA8-05334DBF0A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69F0D8C8-3BCE-4AF7-953B-CEA2633E4179\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"503A7976-C3A6-447A-9531-0DB699C4A625\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BAFC4E2-FDB5-489C-B9C3-DF13A5186FA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D60C3DB-4185-484A-8275-D3541A40C046\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FB236EF-0F97-4656-AB49-1D7829A63FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3073CCF6-5312-4FB2-AA43-D3B285EE32C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E5FD63-32E3-4C40-A55C-B70546FDD866\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B6444AC-588D-4154-B78E-3EB34129F1BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC36154E-6006-45BB-A7CB-5293195602CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:*\",\"matchCriteriaId\":\"12C931B9-DDBE-4E94-8361-6A4D55886CF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EBE0C35-0FB9-44D6-8FA2-8712A2BF9A60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FFA8AD2-CAE2-4818-9D0C-0C32E62F3A59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CA2A0A-B7DE-49DD-940D-C19801CF5D55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D68D250-CA5B-4311-AF3C-48605948A067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E4A0103-713D-4E56-B32F-EB1649F26EE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D009335-E83C-4B35-ADB0-CBD6B82C0EA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F317B556-717B-46B9-A81E-63FC61723B72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"400FE849-D547-44DE-B06F-5B68E5B20E07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0845ED5-9C1A-4F1F-B6E5-AAF8B6893A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A23EB22-BD30-4FA3-9BAA-0B4B65C49F81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB00100-8EF0-463E-9C17-05525B7B5852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"466B14A9-B16C-41F3-B2A0-C3194A6D1C1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B256301B-9C6A-4BA6-8318-675C0EF4C316\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC33DAEE-8F51-404F-B5C4-B8A30B467E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FCDC66D-3BF5-4763-8877-38B0D3326E62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75772E28-BD93-4981-96FA-CDF41DAF65AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2415230E-4F66-4DDE-9E34-F685E8F4085A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5121749D-3E19-4A9B-8C2D-84420A4E289B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E14DE44-69E6-4D0E-AD06-A829AFCDE528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D5B202D-D93D-4E33-BC9F-DA44B727C0B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC62D42-832D-4E6E-93D9-E7BA0CBC7799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D49F98-9A24-464A-8695-58218C14B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADFFE78D-90EC-46C6-B215-2EADD9E0D146\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6132108C-C344-4ABC-AF40-1925830A6723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8362D330-E286-4534-8560-B4B38E21767F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0496D60-BE45-45FF-B360-60E59443DB96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA2EA0D4-05B6-4500-9374-74BBDAB6001F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F16BDA03-BFAB-4839-A83A-370865928225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB5A2E06-A98E-409C-9A90-460AF4CCF101\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FC396CE-FDA7-480C-9E94-1A26B7FB208E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7B30722-13DD-41C5-9CFA-0719B351CF46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"722BA04D-BA9B-427C-B129-06EFEC3F2859\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2891FF7D-E62E-47F4-8873-1E4066247348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A129110-60C1-46FC-9817-6E3802ADB389\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF52167B-1109-4E02-A02F-17465F4C47FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61536049-1C52-42E2-96DC-E5FF88BCC850\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2811F3BC-03F8-4781-8D01-BAAE1BDE8895\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C4D865-9641-4E28-935C-BDCBDB9C2CEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75CF8185-A8FC-4EEE-B937-34924834AB43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1561B7D-78BC-4910-85F4-113E84B97B3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63DDF225-57D2-40E5-9BCA-672FBB3E2A6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04043E99-5F67-4FE9-89FC-695B981FBD5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD11753B-1993-4DE5-B172-AF4839B5620E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"711059F5-ACB3-4D2A-931F-BA1C4422FC8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DDB6C42-0837-462B-BE2B-11A81B43C590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EEAAF27-156A-40FF-ADBF-79D851E744AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB202677-DDC6-42D1-9A90-CD4A79198553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2C3EF02-B456-4506-94E8-5C41CB4FF69B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07502AA-E3E7-4143-B194-7C366CEA4A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97C554E8-62F4-4C73-821D-AB93D8EE841C\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/30297\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/29285\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1020049\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1568/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42526\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30297\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/29285\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1020049\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1568/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42526\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTFR-2018-AVI-184

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Junos Snapshot Administrator (JSNAPy) versions antérieures à 1.3.0
Juniper Networks	N/A	CentOS versions 6.5 antérieures à 2012.2R12
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier 8.2.0 antérieures à 8.2.0-R18
Juniper Networks	N/A	NorthStar Controller versions 3.2.x antérieures à 3.2.1
Juniper Networks	N/A	NorthStar Controller versions 3.0.x antérieures à 3.0.1
Juniper Networks	N/A	CTPOS versions antérieures à 7.3R4 ou 7.4R1
Juniper Networks	N/A	CTPView versions antérieures à 7.3R4 ou 7.4R2
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.3.0.x antérieures à 8.3.0-R11
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.4.1.x antérieures à 8.4.1-R5
Juniper Networks	N/A	NSM versions antérieures à 2012.2R14
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D50
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10K
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D76
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2
Juniper Networks	Junos OS	Junos OS versions 16.1X65 antérieures à 16.1X65-D47
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S5, 17.2R2
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D90
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S3, 17.2R2-S1, 17.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3 antérieures à 12.3R12-S7, 12.3R13
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D100
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S20, 15.1F6-S10, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130 sur SRX
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D65
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R1-S7, 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D131, 15.1X49-D140
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D35 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S6, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 16.1X70 antérieures à 16.1X70-D10
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66, 15.1X53-D233, 15.1X53-D471
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D58 on EX2300/EX3400
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D47
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S3, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 17.2X75 antérieures à 17.2X75-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233 on QFX5200/QFX5110
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 14.1 antérieures à 14.1R10, 14.1R9
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2-S5, 16.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D471 on NFX
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R2
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D66, 12.3X48-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D59
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S8, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D55
Juniper Networks	Junos OS	Junos OS versions 14.2 antérieures à 14.2R8

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10852 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10847 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10845 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10850 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10855 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10844 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10846 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10851 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10856 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10849 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10853 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10854 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10848 du 11 avril 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos Snapshot Administrator (JSNAPy) versions ant\u00e9rieures \u00e0 1.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CentOS versions 6.5 ant\u00e9rieures \u00e0 2012.2R12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier 8.2.0 ant\u00e9rieures \u00e0 8.2.0-R18",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.0.x ant\u00e9rieures \u00e0 3.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPOS versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.3.0.x ant\u00e9rieures \u00e0 8.3.0-R11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.4.1.x ant\u00e9rieures \u00e0 8.4.1-R5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NSM versions ant\u00e9rieures \u00e0 2012.2R14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D50",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10K",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D76",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S5, 17.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D90",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S3, 17.2R2-S1, 17.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7, 12.3R13",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D100",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S20, 15.1F6-S10, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D65",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R1-S7, 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D131, 15.1X49-D140",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D35 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S6, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X70 ant\u00e9rieures \u00e0 16.1X70-D10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66, 15.1X53-D233, 15.1X53-D471",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D58 on EX2300/EX3400",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S3, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233 on QFX5200/QFX5110",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R10, 14.1R9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2-S5, 16.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D471 on NFX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D66, 12.3X48-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D59",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S8, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-8767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
    },
    {
      "name": "CVE-2018-0020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0020"
    },
    {
      "name": "CVE-2016-5829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
    },
    {
      "name": "CVE-2016-0701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
    },
    {
      "name": "CVE-2015-8324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8324"
    },
    {
      "name": "CVE-2018-0017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0017"
    },
    {
      "name": "CVE-2013-4312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
    },
    {
      "name": "CVE-2018-0021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0021"
    },
    {
      "name": "CVE-2015-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5156"
    },
    {
      "name": "CVE-2013-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
    },
    {
      "name": "CVE-2016-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
    },
    {
      "name": "CVE-2017-1000385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
    },
    {
      "name": "CVE-2017-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
    },
    {
      "name": "CVE-2018-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0016"
    },
    {
      "name": "CVE-2016-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
    },
    {
      "name": "CVE-2014-7842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7842"
    },
    {
      "name": "CVE-2015-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3644"
    },
    {
      "name": "CVE-2016-2550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2550"
    },
    {
      "name": "CVE-2016-5696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
    },
    {
      "name": "CVE-2015-2925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2925"
    },
    {
      "name": "CVE-2018-0019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0019"
    },
    {
      "name": "CVE-2016-4565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
    },
    {
      "name": "CVE-2018-0022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0022"
    },
    {
      "name": "CVE-2014-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0016"
    },
    {
      "name": "CVE-2016-0774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0774"
    },
    {
      "name": "CVE-2015-7550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7550"
    },
    {
      "name": "CVE-2014-8134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2017-3732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
    },
    {
      "name": "CVE-2017-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
    },
    {
      "name": "CVE-2015-2080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2080"
    },
    {
      "name": "CVE-2017-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
    },
    {
      "name": "CVE-2015-8543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
    },
    {
      "name": "CVE-2015-3193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
    },
    {
      "name": "CVE-2017-3738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
    },
    {
      "name": "CVE-2015-7613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7613"
    },
    {
      "name": "CVE-2015-5157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5157"
    },
    {
      "name": "CVE-2008-2420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2420"
    },
    {
      "name": "CVE-2008-2400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2400"
    },
    {
      "name": "CVE-2018-0018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0018"
    },
    {
      "name": "CVE-2015-1805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
    },
    {
      "name": "CVE-2018-0023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0023"
    },
    {
      "name": "CVE-2010-5313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-5313"
    },
    {
      "name": "CVE-2015-7872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7872"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2143"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-184",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-04-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10852 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10852\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10847 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10847\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10845 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10845\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10850 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10850\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10855 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10855\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10844 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10844\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10846 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10846\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10851 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10856 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10856\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10849 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10849\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10853 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10853\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10854 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10854\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10848 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10848\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2018-AVI-184

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Junos Snapshot Administrator (JSNAPy) versions antérieures à 1.3.0
Juniper Networks	N/A	CentOS versions 6.5 antérieures à 2012.2R12
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier 8.2.0 antérieures à 8.2.0-R18
Juniper Networks	N/A	NorthStar Controller versions 3.2.x antérieures à 3.2.1
Juniper Networks	N/A	NorthStar Controller versions 3.0.x antérieures à 3.0.1
Juniper Networks	N/A	CTPOS versions antérieures à 7.3R4 ou 7.4R1
Juniper Networks	N/A	CTPView versions antérieures à 7.3R4 ou 7.4R2
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.3.0.x antérieures à 8.3.0-R11
Juniper Networks	N/A	Steel-Belted Radius (SBR) Carrier versions 8.4.1.x antérieures à 8.4.1-R5
Juniper Networks	N/A	NSM versions antérieures à 2012.2R14
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D50
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10K
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D76
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2
Juniper Networks	Junos OS	Junos OS versions 16.1X65 antérieures à 16.1X65-D47
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S5, 17.2R2
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D90
Juniper Networks	Junos OS	Junos OS versions 17.2 antérieures à 17.2R1-S3, 17.2R2-S1, 17.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3 antérieures à 12.3R12-S7, 12.3R13
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D100
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S20, 15.1F6-S10, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 12.1X46 antérieures à 12.1X46-D60 sur SRX
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D60
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130 sur SRX
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D65
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R1-S7, 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D131, 15.1X49-D140
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D35 sur SRX
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S6, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 16.1X70 antérieures à 16.1X70-D10
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66, 15.1X53-D233, 15.1X53-D471
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D58 on EX2300/EX3400
Juniper Networks	Junos OS	Junos OS versions 14.1X53 antérieures à 14.1X53-D47
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S3, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 17.2X75 antérieures à 17.2X75-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X49 antérieures à 15.1X49-D130
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D233 on QFX5200/QFX5110
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R5
Juniper Networks	Junos OS	Junos OS versions 15.1 antérieures à 15.1R4-S9, 15.1R6-S6, 15.1R7
Juniper Networks	Junos OS	Junos OS versions 14.1 antérieures à 14.1R10, 14.1R9
Juniper Networks	Junos OS	Junos OS versions 17.1 antérieures à 17.1R2-S6, 17.1R3
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2-S5, 16.2R3
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D471 on NFX
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R2
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D66, 12.3X48-D70
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D59
Juniper Networks	Junos OS	Junos OS versions 15.1X53 antérieures à 15.1X53-D66 sur QFX10
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7
Juniper Networks	Junos OS	Junos OS versions 16.2 antérieures à 16.2R1-S6, 16.2R2
Juniper Networks	Junos OS	Junos OS versions 16.1 antérieures à 16.1R3-S8, 16.1R4-S8, 16.1R5
Juniper Networks	Junos OS	Junos OS versions 12.3X48 antérieures à 12.3X48-D55
Juniper Networks	Junos OS	Junos OS versions 14.2 antérieures à 14.2R8

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10852 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10847 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10845 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10850 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10855 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10844 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10846 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10851 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10856 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10849 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10853 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10854 du 11 avril 2018	None	vendor-advisory
Bulletin de sécurité Juniper JSA10848 du 11 avril 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos Snapshot Administrator (JSNAPy) versions ant\u00e9rieures \u00e0 1.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CentOS versions 6.5 ant\u00e9rieures \u00e0 2012.2R12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier 8.2.0 ant\u00e9rieures \u00e0 8.2.0-R18",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.2.x ant\u00e9rieures \u00e0 3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NorthStar Controller versions 3.0.x ant\u00e9rieures \u00e0 3.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPOS versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView versions ant\u00e9rieures \u00e0 7.3R4 ou 7.4R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.3.0.x ant\u00e9rieures \u00e0 8.3.0-R11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Steel-Belted Radius (SBR) Carrier versions 8.4.1.x ant\u00e9rieures \u00e0 8.4.1-R5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "NSM versions ant\u00e9rieures \u00e0 2012.2R14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D50",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10K",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D76",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S5, 17.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D90",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2 ant\u00e9rieures \u00e0 17.2R1-S3, 17.2R2-S1, 17.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7, 12.3R13",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D100",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S20, 15.1F6-S10, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D60 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D60",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D65",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R1-S7, 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D131, 15.1X49-D140",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D35 sur SRX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S6, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1X70 ant\u00e9rieures \u00e0 16.1X70-D10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66, 15.1X53-D233, 15.1X53-D471",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D58 on EX2300/EX3400",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D47",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S3, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D130",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D233 on QFX5200/QFX5110",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R4-S9, 15.1R6-S6, 15.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R10, 14.1R9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S6, 17.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2-S5, 16.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D471 on NFX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D66, 12.3X48-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D59",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D66 sur QFX10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R1-S6, 16.2R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S8, 16.1R4-S8, 16.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-8767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
    },
    {
      "name": "CVE-2018-0020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0020"
    },
    {
      "name": "CVE-2016-5829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
    },
    {
      "name": "CVE-2016-0701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
    },
    {
      "name": "CVE-2015-8324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8324"
    },
    {
      "name": "CVE-2018-0017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0017"
    },
    {
      "name": "CVE-2013-4312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
    },
    {
      "name": "CVE-2018-0021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0021"
    },
    {
      "name": "CVE-2015-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5156"
    },
    {
      "name": "CVE-2013-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1762"
    },
    {
      "name": "CVE-2016-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
    },
    {
      "name": "CVE-2017-1000385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
    },
    {
      "name": "CVE-2017-3737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
    },
    {
      "name": "CVE-2018-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0016"
    },
    {
      "name": "CVE-2016-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
    },
    {
      "name": "CVE-2014-7842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7842"
    },
    {
      "name": "CVE-2015-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3644"
    },
    {
      "name": "CVE-2016-2550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2550"
    },
    {
      "name": "CVE-2016-5696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
    },
    {
      "name": "CVE-2015-2925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2925"
    },
    {
      "name": "CVE-2018-0019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0019"
    },
    {
      "name": "CVE-2016-4565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
    },
    {
      "name": "CVE-2018-0022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0022"
    },
    {
      "name": "CVE-2014-0016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0016"
    },
    {
      "name": "CVE-2016-0774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0774"
    },
    {
      "name": "CVE-2015-7550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7550"
    },
    {
      "name": "CVE-2014-8134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8134"
    },
    {
      "name": "CVE-2015-8104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8104"
    },
    {
      "name": "CVE-2017-3732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
    },
    {
      "name": "CVE-2017-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
    },
    {
      "name": "CVE-2015-2080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2080"
    },
    {
      "name": "CVE-2017-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
    },
    {
      "name": "CVE-2015-8543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
    },
    {
      "name": "CVE-2015-3193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
    },
    {
      "name": "CVE-2017-3738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
    },
    {
      "name": "CVE-2015-7613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7613"
    },
    {
      "name": "CVE-2015-5157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5157"
    },
    {
      "name": "CVE-2008-2420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2420"
    },
    {
      "name": "CVE-2008-2400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2400"
    },
    {
      "name": "CVE-2018-0018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0018"
    },
    {
      "name": "CVE-2015-1805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
    },
    {
      "name": "CVE-2018-0023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0023"
    },
    {
      "name": "CVE-2010-5313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-5313"
    },
    {
      "name": "CVE-2015-7872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7872"
    },
    {
      "name": "CVE-2015-5307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5307"
    },
    {
      "name": "CVE-2016-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2143"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-184",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-04-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10852 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10852\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10847 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10847\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10845 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10845\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10850 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10850\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10855 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10855\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10844 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10844\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10846 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10846\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10851 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10851\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10856 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10856\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10849 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10849\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10853 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10853\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10854 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10854\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10848 du 11 avril 2018",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10848\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GHSA-R8P5-H86H-72H9

Vulnerability from github – Published: 2022-05-01 23:49 – Updated: 2022-05-01 23:49

Details

Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2400"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-05-22T13:09:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.",
  "id": "GHSA-r8p5-h86h-72h9",
  "modified": "2022-05-01T23:49:42Z",
  "published": "2022-05-01T23:49:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2400"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30297"
    },
    {
      "type": "WEB",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29285"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020049"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1568/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2008-2400

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.

Aliases

CVE-2008-2400

Aliases

CVE-2008-2400

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2400",
    "description": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.",
    "id": "GSD-2008-2400"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2400"
      ],
      "details": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.",
      "id": "GSD-2008-2400",
      "modified": "2023-12-13T01:23:00.535406Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-2400",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "29285",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/29285"
          },
          {
            "name": "ADV-2008-1568",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1568/references"
          },
          {
            "name": "30297",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30297"
          },
          {
            "name": "[stunnel-announce] 20080503 stunnel 4.23 released",
            "refsource": "MLIST",
            "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
          },
          {
            "name": "1020049",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1020049"
          },
          {
            "name": "stunnel-windows-privilege-escalation(42526)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2400"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[stunnel-announce] 20080503 stunnel 4.23 released",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
            },
            {
              "name": "30297",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30297"
            },
            {
              "name": "29285",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/29285"
            },
            {
              "name": "1020049",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020049"
            },
            {
              "name": "ADV-2008-1568",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1568/references"
            },
            {
              "name": "stunnel-windows-privilege-escalation(42526)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:31Z",
      "publishedDate": "2008-05-22T13:09Z"
    }
  }
}

FKIE_CVE-2008-2400

Vulnerability from fkie_nvd - Published: 2008-05-22 13:09 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30297	Vendor Advisory
cve@mitre.org	http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html
cve@mitre.org	http://www.securityfocus.com/bid/29285
cve@mitre.org	http://www.securitytracker.com/id?1020049
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1568/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42526
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30297	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29285
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020049
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1568/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42526

Impacted products

Vendor	Product	Version
stunnel	stunnel	0.1
stunnel	stunnel	1.0
stunnel	stunnel	1.1
stunnel	stunnel	1.2
stunnel	stunnel	1.3
stunnel	stunnel	1.4
stunnel	stunnel	1.5
stunnel	stunnel	1.6
stunnel	stunnel	2.0
stunnel	stunnel	2.1
stunnel	stunnel	3.0
stunnel	stunnel	3.0
stunnel	stunnel	3.0
stunnel	stunnel	3.0
stunnel	stunnel	3.0
stunnel	stunnel	3.0
stunnel	stunnel	3.0
stunnel	stunnel	3.0
stunnel	stunnel	3.1
stunnel	stunnel	3.2
stunnel	stunnel	3.3
stunnel	stunnel	3.4a
stunnel	stunnel	3.5
stunnel	stunnel	3.6
stunnel	stunnel	3.7
stunnel	stunnel	3.8
stunnel	stunnel	3.8
stunnel	stunnel	3.8
stunnel	stunnel	3.8
stunnel	stunnel	3.8
stunnel	stunnel	3.9
stunnel	stunnel	3.10
stunnel	stunnel	3.11
stunnel	stunnel	3.12
stunnel	stunnel	3.13
stunnel	stunnel	3.14
stunnel	stunnel	3.15
stunnel	stunnel	3.16
stunnel	stunnel	3.17
stunnel	stunnel	3.18
stunnel	stunnel	3.19
stunnel	stunnel	3.20
stunnel	stunnel	3.21
stunnel	stunnel	3.21a
stunnel	stunnel	3.21b
stunnel	stunnel	3.21c
stunnel	stunnel	3.22
stunnel	stunnel	3.24
stunnel	stunnel	4.0
stunnel	stunnel	4.01
stunnel	stunnel	4.02
stunnel	stunnel	4.03
stunnel	stunnel	4.04
stunnel	stunnel	4.05
stunnel	stunnel	4.06
stunnel	stunnel	4.07
stunnel	stunnel	4.08
stunnel	stunnel	4.09
stunnel	stunnel	4.10
stunnel	stunnel	4.11
stunnel	stunnel	4.12
stunnel	stunnel	4.13
stunnel	stunnel	4.14
stunnel	stunnel	4.15
stunnel	stunnel	4.16
stunnel	stunnel	4.17
stunnel	stunnel	4.18
stunnel	stunnel	4.19
stunnel	stunnel	4.20
stunnel	stunnel	4.21
stunnel	stunnel	4.22

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27CAA87-6971-4CFB-8299-931952B5157D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "579E37FC-51E6-4ECA-B05F-F4468772496B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B56E5F0-6FFC-4188-AF11-F7583253F56E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8797A96C-B660-45DC-B218-38B8DB85B451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B01D02DC-F570-47CE-AC1B-37DFEC9C1A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B283AD3E-A27E-4B76-BEA8-05334DBF0A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "69F0D8C8-3BCE-4AF7-953B-CEA2633E4179",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "503A7976-C3A6-447A-9531-0DB699C4A625",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BAFC4E2-FDB5-489C-B9C3-DF13A5186FA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D60C3DB-4185-484A-8275-D3541A40C046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB236EF-0F97-4656-AB49-1D7829A63FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "3073CCF6-5312-4FB2-AA43-D3B285EE32C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "49E5FD63-32E3-4C40-A55C-B70546FDD866",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b3:*:*:*:*:*:*",
              "matchCriteriaId": "0B6444AC-588D-4154-B78E-3EB34129F1BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b4:*:*:*:*:*:*",
              "matchCriteriaId": "EC36154E-6006-45BB-A7CB-5293195602CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b5:*:*:*:*:*:*",
              "matchCriteriaId": "12C931B9-DDBE-4E94-8361-6A4D55886CF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b6:*:*:*:*:*:*",
              "matchCriteriaId": "3EBE0C35-0FB9-44D6-8FA2-8712A2BF9A60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.0:b7:*:*:*:*:*:*",
              "matchCriteriaId": "5FFA8AD2-CAE2-4818-9D0C-0C32E62F3A59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CA2A0A-B7DE-49DD-940D-C19801CF5D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D68D250-CA5B-4311-AF3C-48605948A067",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F4B0933-7D3A-43C9-9E42-FF5DAE94EDEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F317B556-717B-46B9-A81E-63FC61723B72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "E0845ED5-9C1A-4F1F-B6E5-AAF8B6893A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "1A23EB22-BD30-4FA3-9BAA-0B4B65C49F81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "6EB00100-8EF0-463E-9C17-05525B7B5852",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "466B14A9-B16C-41F3-B2A0-C3194A6D1C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC396CE-FDA7-480C-9E94-1A26B7FB208E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B30722-13DD-41C5-9CFA-0719B351CF46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "722BA04D-BA9B-427C-B129-06EFEC3F2859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "2891FF7D-E62E-47F4-8873-1E4066247348",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A129110-60C1-46FC-9817-6E3802ADB389",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF52167B-1109-4E02-A02F-17465F4C47FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "61536049-1C52-42E2-96DC-E5FF88BCC850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0EE4B5-C9D3-4DF1-B7B7-377B281FA313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "2811F3BC-03F8-4781-8D01-BAAE1BDE8895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "82C4D865-9641-4E28-935C-BDCBDB9C2CEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF1DADF-BD26-41CF-BFA3-3C2928CDF9F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "75CF8185-A8FC-4EEE-B937-34924834AB43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1561B7D-78BC-4910-85F4-113E84B97B3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "63DDF225-57D2-40E5-9BCA-672FBB3E2A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04043E99-5F67-4FE9-89FC-695B981FBD5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD11753B-1993-4DE5-B172-AF4839B5620E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "711059F5-ACB3-4D2A-931F-BA1C4422FC8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DDB6C42-0837-462B-BE2B-11A81B43C590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EEAAF27-156A-40FF-ADBF-79D851E744AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB202677-DDC6-42D1-9A90-CD4A79198553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2C3EF02-B456-4506-94E8-5C41CB4FF69B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07502AA-E3E7-4143-B194-7C366CEA4A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stunnel:stunnel:4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C554E8-62F4-4C73-821D-AB93D8EE841C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en stunnel anterior a 4.23, cuando es ejecutado como un servicio en Windows, permite a usuarios locales obtener privilegios a trav\u00e9s de vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2008-2400",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-22T13:09:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30297"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29285"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020049"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1568/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://stunnel.mirt.net/pipermail/stunnel-announce/2008-May/000034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29285"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1568/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42526"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-2400 (GCVE-0-2008-2400)

CERTFR-2018-AVI-184

Solution

CERTFR-2018-AVI-184

Solution

GHSA-R8P5-H86H-72H9

GSD-2008-2400

FKIE_CVE-2008-2400

Tags

Sightings

Nomenclature