CVE-2018-0051 (GCVE-0-2018-0051)

Vulnerability from cvelistv5 – Published: 2018-10-10 18:00 – Updated: 2024-09-16 23:00
VLAI?
Summary
A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices. SRX-HE devices have SIP ALG disabled by default. The status of ALGs in SRX device can be obtained by executing the command: show security alg status Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D70; 15.1X49 versions prior to 15.1X49-D140; 15.1 versions prior to 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 versions prior to 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S5, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R2. No other Juniper Networks products or platforms are affected by this issue.
Severity ?
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
  • Denial of Service
Assigner
References
https://kb.juniper.net/JSA10885 x_refsource_CONFIRM
http://www.securitytracker.com/id/1041852 vdb-entryx_refsource_SECTRACK
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 12.1X46 , < 12.1X46-D77 (custom)
Affected: 12.3X48 , < 12.3X48-D70 (custom)
Affected: 15.1X49 , < 15.1X49-D140 (custom)
Create a notification for this product.
    Juniper Networks Junos OS Affected: 15.1F6
Affected: 15.1 , < 15.1R4-S9, 15.1R7-S1 (custom)
Affected: 16.1 , < 16.1R4-S9, 16.1R6-S1, 16.1R7 (custom)
Affected: 16.2 , < 16.2R2-S7, 16.2R3 (custom)
Affected: 17.1 , < 17.1R2-S7, 17.1R3 (custom)
Affected: 17.2 , < 17.2R1-S6, 17.2R2-S4, 17.2R3 (custom)
Affected: 17.3 , < 17.3R1-S5, 17.3R2-S2, 17.3R3 (custom)
Affected: 17.4 , < 17.4R2 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.098Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10885"
          },
          {
            "name": "1041852",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041852"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "12.1X46-D77",
              "status": "affected",
              "version": "12.1X46",
              "versionType": "custom"
            },
            {
              "lessThan": "12.3X48-D70",
              "status": "affected",
              "version": "12.3X48",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X49-D140",
              "status": "affected",
              "version": "15.1X49",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "15.1F6"
            },
            {
              "lessThan": "15.1R4-S9, 15.1R7-S1",
              "status": "affected",
              "version": "15.1",
              "versionType": "custom"
            },
            {
              "lessThan": "16.1R4-S9, 16.1R6-S1, 16.1R7",
              "status": "affected",
              "version": "16.1",
              "versionType": "custom"
            },
            {
              "lessThan": "16.2R2-S7, 16.2R3",
              "status": "affected",
              "version": "16.2",
              "versionType": "custom"
            },
            {
              "lessThan": "17.1R2-S7, 17.1R3",
              "status": "affected",
              "version": "17.1",
              "versionType": "custom"
            },
            {
              "lessThan": "17.2R1-S6, 17.2R2-S4, 17.2R3",
              "status": "affected",
              "version": "17.2",
              "versionType": "custom"
            },
            {
              "lessThan": "17.3R1-S5, 17.3R2-S2, 17.3R3",
              "status": "affected",
              "version": "17.3",
              "versionType": "custom"
            },
            {
              "lessThan": "17.4R2",
              "status": "affected",
              "version": "17.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices. SRX-HE devices have SIP ALG disabled by default. The status of ALGs in SRX device can be obtained by executing the command: show security alg status Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D70; 15.1X49 versions prior to 15.1X49-D140; 15.1 versions prior to 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 versions prior to 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S5, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R2. No other Juniper Networks products or platforms are affected by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T09:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10885"
        },
        {
          "name": "1041852",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041852"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve these specific issues: 12.1X46-D77, 12.3X48-D70, 12.3X48-D75, 14.1X53-D47, 15.1R4-S9, 15.1R7-S1, 15.1X49-D140, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D67, 16.1R4-S9, 16.1R6-S1, 16.1R7, 16.2R2-S7, 16.2R3, 17.1R2-S7, 17.1R3, 17.2R1-S6, 17.2R2-S4, 17.2R3, 17.3R1-S5, 17.3R2-S2, 17.3R3, 17.4R2, 18.1R1, 18.1X75-D10, 18.2R1, 18.2X75-D5, and all subsequent releases.\nThis fix has also been proactively committed into other releases that might not support SIP ALG configuration."
        }
      ],
      "source": {
        "advisory": "JSA10885",
        "defect": [
          "1326394"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow daemon (flowd) related to SIP ALG",
      "workarounds": [
        {
          "lang": "en",
          "value": "Disable the use of the SIP ALG feature if it is not needed."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
          "ID": "CVE-2018-0051",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: Denial of Service vulnerability in MS-PIC, MS-MIC, MS-MPC, MS-DPC and SRX flow daemon (flowd) related to SIP ALG"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.1X46",
                            "version_value": "12.1X46-D77"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.3X48",
                            "version_value": "12.3X48-D70"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "15.1",
                            "version_value": "15.1R4-S9, 15.1R7-S1"
                          },
                          {
                            "affected": "=",
                            "version_affected": "=",
                            "version_name": "15.1F6",
                            "version_value": "15.1F6"
                          },
                          {
                            "affected": "\u003c",
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X49",
                            "version_value": "15.1X49-D140"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "16.1",
                            "version_value": "16.1R4-S9, 16.1R6-S1, 16.1R7"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "16.2",
                            "version_value": "16.2R2-S7, 16.2R3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "17.1",
                            "version_value": "17.1R2-S7, 17.1R3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "17.2",
                            "version_value": "17.2R1-S6, 17.2R2-S4, 17.2R3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "17.3",
                            "version_value": "17.3R1-S5, 17.3R2-S2, 17.3R3"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "17.4",
                            "version_value": "17.4R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices. SRX-HE devices have SIP ALG disabled by default. The status of ALGs in SRX device can be obtained by executing the command: show security alg status Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D70; 15.1X49 versions prior to 15.1X49-D140; 15.1 versions prior to 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 versions prior to 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S5, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R2. No other Juniper Networks products or platforms are affected by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10885",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10885"
            },
            {
              "name": "1041852",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041852"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve these specific issues: 12.1X46-D77, 12.3X48-D70, 12.3X48-D75, 14.1X53-D47, 15.1R4-S9, 15.1R7-S1, 15.1X49-D140, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D67, 16.1R4-S9, 16.1R6-S1, 16.1R7, 16.2R2-S7, 16.2R3, 17.1R2-S7, 17.1R3, 17.2R1-S6, 17.2R2-S4, 17.2R3, 17.3R1-S5, 17.3R2-S2, 17.3R3, 17.4R2, 18.1R1, 18.1X75-D10, 18.2R1, 18.2X75-D5, and all subsequent releases.\nThis fix has also been proactively committed into other releases that might not support SIP ALG configuration."
          }
        ],
        "source": {
          "advisory": "JSA10885",
          "defect": [
            "1326394"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Disable the use of the SIP ALG feature if it is not needed."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2018-0051",
    "datePublished": "2018-10-10T18:00:00Z",
    "dateReserved": "2017-11-16T00:00:00",
    "dateUpdated": "2024-09-16T23:00:45.279Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFB89F64-16BB-4A14-9084-B338668D7FF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"A71742CF-50B1-44BB-AB7B-27E5DCC9CF70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*\", \"matchCriteriaId\": \"4FD4237A-C257-4D8A-ABC4-9B2160530A4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A449C87-C5C3-48FE-9E46-64ED5DD5F193\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4B6215F-76BF-473F-B325-0975B0EB101E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1C4A10C-49A3-4103-9E56-F881113BC5D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"50E7FD07-A309-48EC-A520-C7F0FA35865C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"F868948A-04D7-473B-971F-721302653633\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"830A9EBA-88F1-4277-B98F-75AC52A60824\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFA2ADAB-E486-4DBB-8B84-CC095D102278\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"9ACD0C03-ACD9-4D47-B3EE-1D8753FF5A83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DD32D8A-7531-4691-B45D-9EACC69A23D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"76DFA52F-5B2E-47DA-9A8E-7D17A7413929\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7192552C-7D4A-4D95-BA79-CDF465E27D37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4AC2E1E-74FB-4DA3-8292-B2079F83FF54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FF83BD0-3B28-481E-8C8F-09ECDA493DA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E296274-AFC1-4F56-A4B3-827C2E0BC9D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C82799B-BD25-4359-9E3D-4D7CA7367525\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"094485FF-960C-4533-A2AF-6C4D420D260D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8BE3661-1DE5-4F57-9384-68C1B34F6812\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6C694C6-C58C-4513-91E8-6CC22A2386E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B65EF51-ED97-4973-94C4-8F66C553F190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EE7C08A-2A4B-4A84-AD95-A890913E2EE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C61900-680C-4C74-8B96-ACC93FE9465E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20DABA6A-FA7A-4289-8C6A-2B93689A5440\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\", \"matchCriteriaId\": \"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*\", \"matchCriteriaId\": \"8830C4BC-2B3D-4CCF-A37E-79C2D46159BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"18468579-0195-4DDE-BAA5-4BE4068F3A69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"870244F3-1C05-4F10-A205-5189BB860F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"235EE40B-AA15-4F39-8087-A051F4F70995\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"17330544-3AFC-463E-A146-2840A8AE17D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"884E4A85-ED42-4391-9FDD-9052F957743A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"1901864B-688B-4352-A587-4B96B4E49FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\", \"matchCriteriaId\": \"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\", \"matchCriteriaId\": \"4323D874-C317-4D76-8E2D-C82376D84CBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\", \"matchCriteriaId\": \"F56067DA-EBA9-481A-B60B-52148584EFBD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD0952C4-FFCC-4A78-ADFC-289BD6E269DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"71D211B9-B2FE-4324-AAEE-8825D5238E48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E6CD065-EC06-4846-BD2A-D3CA7866070F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7620D01-1A6B-490F-857E-0D803E0AEE56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r7-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"33A3ECF9-AA4D-41F9-8441-1EB5F1DB882E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AC40ABB-E364-46C9-A904-C0ED02806250\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"72194CB7-FFDC-4897-9D6E-EA3459DDDEB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r6-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF5A9D31-ED7D-4390-B46D-7E46089DB932\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B4A4960-0241-4BF4-8857-8B7BE33466B6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D571B57-4F4C-4232-9D3B-B2F7AAAB220B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3661BC68-6F32-447F-8D20-FD73FBBED9C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"11BD757A-99BC-44E8-A95B-2CDDA638E469\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50B47EC5-0276-4799-B536-12B33B5F003B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7572C187-4D58-4E0D-A605-B2B13EFF5C6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E34A149E-C2ED-4D86-A105-0A2775654AE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA99E0A9-8C98-49A8-A248-A53E3B723A90\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64EB45C0-E3BD-4C0D-9E97-1DB726D66401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E889BF9C-BDDF-4A6A-97BB-00A097EF6D91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"95473197-2553-4252-B5E5-CAF904C2EA6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"11E055AC-5626-4EBB-8611-17BB1E8AEF15\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F69A0E5-B61B-405D-B501-9CB306651CEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C433359-BC8B-4E69-BE74-A31EB148083A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"25C7C3D0-A203-4979-8375-A610ADD48E9E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"974B6128-ABD2-4D9C-87A1-5F1740DDCB95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"988D317A-0646-491F-9B97-853E8E208276\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices. SRX-HE devices have SIP ALG disabled by default. The status of ALGs in SRX device can be obtained by executing the command: show security alg status Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D70; 15.1X49 versions prior to 15.1X49-D140; 15.1 versions prior to 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 versions prior to 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S5, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R2. No other Juniper Networks products or platforms are affected by this issue.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de denegaci\\u00f3n de servicio (DoS) en el componente ALG (Application Layer Gateway) de la capa de la aplicaci\\u00f3n SIP de las plataformas basadas en Junos OS permite que un atacante provoque el cierre inesperado de los procesos del demonio de flujo (flowd) MS-PIC, MS-MIC, MS-MPC, MS-DPC o SRX. Este problema afecta a los dispositivos Junos OS con NAT o una configuraci\\u00f3n de firewall con estado en combinaci\\u00f3n con el ALG SIP habilitado. ALG SIP est\\u00e1 habilitado por defecto en los dispositivos SRX Series excepto los dispositivos SRX-HE. Los dispositivos SRX-HE tienen ALG SIP deshabilitado por defecto.  El estado de los ALG en el dispositivo SRX puede obtenerse ejecutando el comando: show security alg status. Las versiones afectadas de Juniper Networks Junos OS son: 12.1X46 en versiones anteriores a la 12.1X46-D77; 12.3X48 en versiones anteriores a la 12.3X48-D70; 15.1X49 en versiones anteriores a la 15.1X49-D140; 15.1 en versiones anteriores a la 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 en versiones anteriores a la 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 en versiones anteriores a la 16.2R2-S7, 16.2R3; 17.1 en versiones anteriores a la 17.1R2-S7, 17.1R3; 17.2 en versiones anteriores a la 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 en versiones anteriores a la 17.3R1-S5, 17.3R2-S2, 17.3R3 y 17.4 en versiones anteriores a la 17.4R2. No hay ning\\u00fan otro producto o plataforma de Juniper Networks que se vea afectado por este problema.\"}]",
      "id": "CVE-2018-0051",
      "lastModified": "2024-11-21T03:37:26.313",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-10-10T18:29:02.313",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1041852\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10885\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1041852\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10885\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-0051\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2018-10-10T18:29:02.313\",\"lastModified\":\"2024-11-21T03:37:26.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices. SRX-HE devices have SIP ALG disabled by default. The status of ALGs in SRX device can be obtained by executing the command: show security alg status Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D70; 15.1X49 versions prior to 15.1X49-D140; 15.1 versions prior to 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 versions prior to 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S5, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R2. No other Juniper Networks products or platforms are affected by this issue.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el componente ALG (Application Layer Gateway) de la capa de la aplicaci\u00f3n SIP de las plataformas basadas en Junos OS permite que un atacante provoque el cierre inesperado de los procesos del demonio de flujo (flowd) MS-PIC, MS-MIC, MS-MPC, MS-DPC o SRX. Este problema afecta a los dispositivos Junos OS con NAT o una configuraci\u00f3n de firewall con estado en combinaci\u00f3n con el ALG SIP habilitado. ALG SIP est\u00e1 habilitado por defecto en los dispositivos SRX Series excepto los dispositivos SRX-HE. Los dispositivos SRX-HE tienen ALG SIP deshabilitado por defecto.  El estado de los ALG en el dispositivo SRX puede obtenerse ejecutando el comando: show security alg status. Las versiones afectadas de Juniper Networks Junos OS son: 12.1X46 en versiones anteriores a la 12.1X46-D77; 12.3X48 en versiones anteriores a la 12.3X48-D70; 15.1X49 en versiones anteriores a la 15.1X49-D140; 15.1 en versiones anteriores a la 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 en versiones anteriores a la 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 en versiones anteriores a la 16.2R2-S7, 16.2R3; 17.1 en versiones anteriores a la 17.1R2-S7, 17.1R3; 17.2 en versiones anteriores a la 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 en versiones anteriores a la 17.3R1-S5, 17.3R2-S2, 17.3R3 y 17.4 en versiones anteriores a la 17.4R2. No hay ning\u00fan otro producto o plataforma de Juniper Networks que se vea afectado por este problema.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB89F64-16BB-4A14-9084-B338668D7FF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A71742CF-50B1-44BB-AB7B-27E5DCC9CF70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD4237A-C257-4D8A-ABC4-9B2160530A4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A449C87-C5C3-48FE-9E46-64ED5DD5F193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B6215F-76BF-473F-B325-0975B0EB101E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1C4A10C-49A3-4103-9E56-F881113BC5D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"50E7FD07-A309-48EC-A520-C7F0FA35865C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"F868948A-04D7-473B-971F-721302653633\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"830A9EBA-88F1-4277-B98F-75AC52A60824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFA2ADAB-E486-4DBB-8B84-CC095D102278\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ACD0C03-ACD9-4D47-B3EE-1D8753FF5A83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DD32D8A-7531-4691-B45D-9EACC69A23D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"76DFA52F-5B2E-47DA-9A8E-7D17A7413929\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7192552C-7D4A-4D95-BA79-CDF465E27D37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4AC2E1E-74FB-4DA3-8292-B2079F83FF54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FF83BD0-3B28-481E-8C8F-09ECDA493DA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E296274-AFC1-4F56-A4B3-827C2E0BC9D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C82799B-BD25-4359-9E3D-4D7CA7367525\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"094485FF-960C-4533-A2AF-6C4D420D260D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BE3661-1DE5-4F57-9384-68C1B34F6812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6C694C6-C58C-4513-91E8-6CC22A2386E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B65EF51-ED97-4973-94C4-8F66C553F190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE7C08A-2A4B-4A84-AD95-A890913E2EE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C61900-680C-4C74-8B96-ACC93FE9465E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20DABA6A-FA7A-4289-8C6A-2B93689A5440\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\",\"matchCriteriaId\":\"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*\",\"matchCriteriaId\":\"8830C4BC-2B3D-4CCF-A37E-79C2D46159BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"18468579-0195-4DDE-BAA5-4BE4068F3A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"870244F3-1C05-4F10-A205-5189BB860F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"235EE40B-AA15-4F39-8087-A051F4F70995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"17330544-3AFC-463E-A146-2840A8AE17D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"884E4A85-ED42-4391-9FDD-9052F957743A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"1901864B-688B-4352-A587-4B96B4E49FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\",\"matchCriteriaId\":\"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\",\"matchCriteriaId\":\"4323D874-C317-4D76-8E2D-C82376D84CBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56067DA-EBA9-481A-B60B-52148584EFBD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD0952C4-FFCC-4A78-ADFC-289BD6E269DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D211B9-B2FE-4324-AAEE-8825D5238E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E6CD065-EC06-4846-BD2A-D3CA7866070F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7620D01-1A6B-490F-857E-0D803E0AEE56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r7-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"33A3ECF9-AA4D-41F9-8441-1EB5F1DB882E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AC40ABB-E364-46C9-A904-C0ED02806250\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"72194CB7-FFDC-4897-9D6E-EA3459DDDEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r6-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF5A9D31-ED7D-4390-B46D-7E46089DB932\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B4A4960-0241-4BF4-8857-8B7BE33466B6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D571B57-4F4C-4232-9D3B-B2F7AAAB220B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3661BC68-6F32-447F-8D20-FD73FBBED9C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"11BD757A-99BC-44E8-A95B-2CDDA638E469\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50B47EC5-0276-4799-B536-12B33B5F003B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7572C187-4D58-4E0D-A605-B2B13EFF5C6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E34A149E-C2ED-4D86-A105-0A2775654AE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA99E0A9-8C98-49A8-A248-A53E3B723A90\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64EB45C0-E3BD-4C0D-9E97-1DB726D66401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E889BF9C-BDDF-4A6A-97BB-00A097EF6D91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"95473197-2553-4252-B5E5-CAF904C2EA6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E055AC-5626-4EBB-8611-17BB1E8AEF15\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F69A0E5-B61B-405D-B501-9CB306651CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C433359-BC8B-4E69-BE74-A31EB148083A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"25C7C3D0-A203-4979-8375-A610ADD48E9E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"974B6128-ABD2-4D9C-87A1-5F1740DDCB95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"988D317A-0646-491F-9B97-853E8E208276\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1041852\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10885\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1041852\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10885\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.