CVE-2019-0036 (GCVE-0-2019-0036)
Vulnerability from cvelistv5 – Published: 2019-04-10 20:13 – Updated: 2024-09-16 20:51
VLAI?
Summary
When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2.
Severity ?
7.2 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
12.1X46
Affected: 12.3X48 Affected: 12.3 Affected: 14.1X53 , < 14.1X53-D130, 14.1X53-D49 (custom) Affected: 15.1 , < 15.1F6-S12, 15.1R7-S4 (custom) Affected: 15.1X49 , < 15.1X49-D161, 15.1X49-D170 (custom) Affected: 15.1X53 , < 15.1X53-D236, 15.1X53-D496, 15.1X53-D69 (custom) Affected: 16.1 , < 16.1R7-S4, 16.1R7-S5 (custom) Affected: 16.2 , < 16.2R2-S9 (custom) Affected: 17.1 , < 17.1R3 (custom) Affected: 17.2 , < 17.2R1-S8, 17.2R3-S1 (custom) Affected: 17.3 , < 17.3R3-S4 (custom) Affected: 17.4 , < 17.4R1-S7, 17.4R2-S3 (custom) Affected: 18.1 , < 18.1R2-S4, 18.1R3-S4 (custom) Affected: 18.2 , < 18.2R1-S5, 18.2R2-S1 (custom) Affected: 18.2X75 , < 18.2X75-D40 (custom) Affected: 18.3 , < 18.3R1-S3 (custom) Affected: 18.4 , < 18.4R1-S1, 18.4R1-S2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10925"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "12.1X46"
},
{
"status": "affected",
"version": "12.3X48"
},
{
"status": "affected",
"version": "12.3"
},
{
"lessThan": "14.1X53-D130, 14.1X53-D49",
"status": "affected",
"version": "14.1X53",
"versionType": "custom"
},
{
"lessThan": "15.1F6-S12, 15.1R7-S4",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "15.1X49-D161, 15.1X49-D170",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
},
{
"lessThan": "15.1X53-D236, 15.1X53-D496, 15.1X53-D69",
"status": "affected",
"version": "15.1X53",
"versionType": "custom"
},
{
"lessThan": "16.1R7-S4, 16.1R7-S5",
"status": "affected",
"version": "16.1",
"versionType": "custom"
},
{
"lessThan": "16.2R2-S9",
"status": "affected",
"version": "16.2",
"versionType": "custom"
},
{
"lessThan": "17.1R3",
"status": "affected",
"version": "17.1",
"versionType": "custom"
},
{
"lessThan": "17.2R1-S8, 17.2R3-S1",
"status": "affected",
"version": "17.2",
"versionType": "custom"
},
{
"lessThan": "17.3R3-S4",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4R1-S7, 17.4R2-S3",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.1R2-S4, 18.1R3-S4",
"status": "affected",
"version": "18.1",
"versionType": "custom"
},
{
"lessThan": "18.2R1-S5, 18.2R2-S1",
"status": "affected",
"version": "18.2",
"versionType": "custom"
},
{
"lessThan": "18.2X75-D40",
"status": "affected",
"version": "18.2X75",
"versionType": "custom"
},
{
"lessThan": "18.3R1-S3",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R1-S1, 18.4R1-S2",
"status": "affected",
"version": "18.4",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Sample configuration:\n\n term internal-1 {\n from {\n source-address {\n 157.249.32.21/32;\n }\n destination-address {\n 157.249.197.64/30;\n }\n protocol udp;\n destination-port 123;\n }\n then {\n count scan-ad-internal-1;\n accept;\n }\n }"
}
],
"datePublic": "2019-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When configuring a stateless firewall filter in Junos OS, terms named using the format \"internal-n\" (e.g. \"internal-1\", \"internal-2\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-10T20:13:51",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10925"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D161, 15.1X49-D170, 15.1X53-D236, 15.1X53-D496, 15.1X53-D69, 16.1R7-S4, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S4, 17.4R1-S7, 17.4R2-S3, 18.1R2-S4, 18.1R3-S4, 18.2R1-S5, 18.2R2-S1, 18.2X75-D40, 18.3R1-S3, 18.4R1-S1, 19.1R1, and all subsequent releases.\n\nNote: Fixes are not available for Junos OS 12.1X46, 12.3X48, or 12.3R12 due to the high risk of making changes to earlier releases, and the easily implemented available workaround."
}
],
"source": {
"advisory": "JSA10925",
"defect": [
"1394922"
],
"discovery": "USER"
},
"title": "Junos OS: Firewall filter terms named \"internal-1\" and \"internal-2\" being ignored",
"workarounds": [
{
"lang": "en",
"value": "Avoid configuring firewall filter names of the format: internal-n."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-04-10T16:00:00.000Z",
"ID": "CVE-2019-0036",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Firewall filter terms named \"internal-1\" and \"internal-2\" being ignored"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "14.1X53",
"version_value": "14.1X53-D130, 14.1X53-D49"
},
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1F6-S12, 15.1R7-S4"
},
{
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D161, 15.1X49-D170"
},
{
"version_affected": "\u003c",
"version_name": "15.1X53",
"version_value": "15.1X53-D236, 15.1X53-D496, 15.1X53-D69"
},
{
"version_affected": "\u003c",
"version_name": "16.1",
"version_value": "16.1R7-S4, 16.1R7-S5"
},
{
"version_affected": "\u003c",
"version_name": "16.2",
"version_value": "16.2R2-S9"
},
{
"version_affected": "\u003c",
"version_name": "17.1",
"version_value": "17.1R3"
},
{
"version_affected": "\u003c",
"version_name": "17.2",
"version_value": "17.2R1-S8, 17.2R3-S1"
},
{
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R1-S7, 17.4R2-S3"
},
{
"version_affected": "\u003c",
"version_name": "18.1",
"version_value": "18.1R2-S4, 18.1R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "18.2",
"version_value": "18.2R1-S5, 18.2R2-S1"
},
{
"version_affected": "\u003c",
"version_name": "18.2X75",
"version_value": "18.2X75-D40"
},
{
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R1-S3"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R1-S1, 18.4R1-S2"
},
{
"version_affected": "=",
"version_name": "12.1X46",
"version_value": "12.1X46"
},
{
"version_affected": "=",
"version_name": "12.3X48",
"version_value": "12.3X48"
},
{
"version_affected": "=",
"version_name": "12.3",
"version_value": "12.3"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Sample configuration:\n\n term internal-1 {\n from {\n source-address {\n 157.249.32.21/32;\n }\n destination-address {\n 157.249.197.64/30;\n }\n protocol udp;\n destination-port 123;\n }\n then {\n count scan-ad-internal-1;\n accept;\n }\n }"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When configuring a stateless firewall filter in Junos OS, terms named using the format \"internal-n\" (e.g. \"internal-1\", \"internal-2\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10925",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10925"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D161, 15.1X49-D170, 15.1X53-D236, 15.1X53-D496, 15.1X53-D69, 16.1R7-S4, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S4, 17.4R1-S7, 17.4R2-S3, 18.1R2-S4, 18.1R3-S4, 18.2R1-S5, 18.2R2-S1, 18.2X75-D40, 18.3R1-S3, 18.4R1-S1, 19.1R1, and all subsequent releases.\n\nNote: Fixes are not available for Junos OS 12.1X46, 12.3X48, or 12.3R12 due to the high risk of making changes to earlier releases, and the easily implemented available workaround."
}
],
"source": {
"advisory": "JSA10925",
"defect": [
"1394922"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "Avoid configuring firewall filter names of the format: internal-n."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0036",
"datePublished": "2019-04-10T20:13:51.331942Z",
"dateReserved": "2018-10-11T00:00:00",
"dateUpdated": "2024-09-16T20:51:51.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"285CD1E5-C6D3-470A-8556-653AFF74D0F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C56F5C48-BA48-4EE1-88BE-782B3CFB3B90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C56E6C3-BBB6-4853-91D9-99C7676D0CD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E0ECBD8-3D66-49DA-A557-5695159F0C06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EAA2998-A0D6-4818-9E7C-25E8099403E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"71D211B9-B2FE-4324-AAEE-8825D5238E48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E6CD065-EC06-4846-BD2A-D3CA7866070F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7620D01-1A6B-490F-857E-0D803E0AEE56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"08FC0245-A4FF-42C0-A236-8569301E351A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"120EA9E3-788B-4CFD-A74F-17111FFD0131\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s1:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"F13BC7FE-9DE8-424F-B542-11ACAC3FBC06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s2:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD300A7F-356B-4A72-B9BE-92ADFA33EBF8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s4:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"C92BF5DD-0C64-4305-801D-B79F611D3DBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s5:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC6D8CAA-8801-4B51-B0B9-25D5F9338345\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s6:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE5829DE-300B-464B-81B1-12808B5AEC56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s7:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"9594BDF9-1B9A-4843-AED8-B718A34A6C9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s8:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AE62DD4-B904-4FD4-B7FB-6E3384DDBF35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s9:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"A35CA1B8-5C58-48F9-899F-91C79930AFD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s10:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"025FBD33-6649-403C-822E-3BDA94A20FA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1f6-s11:f6:*:*:*:*:*:*\", \"matchCriteriaId\": \"98B0BD67-A60F-40E4-9FF4-DF129ABE1556\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\", \"matchCriteriaId\": \"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*\", \"matchCriteriaId\": \"8830C4BC-2B3D-4CCF-A37E-79C2D46159BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*\", \"matchCriteriaId\": \"E288F54B-AEA3-412F-85A4-EBDFE74DB84F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"18468579-0195-4DDE-BAA5-4BE4068F3A69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"870244F3-1C05-4F10-A205-5189BB860F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"235EE40B-AA15-4F39-8087-A051F4F70995\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"17330544-3AFC-463E-A146-2840A8AE17D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"884E4A85-ED42-4391-9FDD-9052F957743A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"1901864B-688B-4352-A587-4B96B4E49FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B6670FB-9F5A-469B-97F2-074C28572065\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\", \"matchCriteriaId\": \"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\", \"matchCriteriaId\": \"4323D874-C317-4D76-8E2D-C82376D84CBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\", \"matchCriteriaId\": \"F56067DA-EBA9-481A-B60B-52148584EFBD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E87C765-8D68-404A-AC71-3F22A7260E8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E3B807C-196D-42B8-9042-7582A1366772\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*\", \"matchCriteriaId\": \"83FEEE8F-9279-46F2-BAF9-A60537020C61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBD36C0D-0F44-4349-968D-4CD60F281D84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E364FE2-5FB1-4E14-8DF5-CA21F4BFBBC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F22C4C2-20E0-428F-A9BF-37E8BD63A9E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*\", \"matchCriteriaId\": \"71334963-7BF1-49DB-84E6-D6F2A927458B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d233:*:*:*:*:*:*\", \"matchCriteriaId\": \"E773AA7F-AB97-488A-B73D-682FB5553B31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F294E43-73FA-4EF3-90F2-EE29C56D6573\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDDE1048-BFEA-4A3E-8270-27C538A68837\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC517CD0-FF35-498F-AD33-683B43CA3829\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*\", \"matchCriteriaId\": \"53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2B5ED13-F998-447C-8FEA-047FE9FE2F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"65F3CD2A-D5E1-4EFF-9013-6D81B396F765\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d495:*:*:*:*:*:*\", \"matchCriteriaId\": \"723FD85C-C763-4017-B6BF-0CA707997D2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*\", \"matchCriteriaId\": \"3978B35D-5745-47BC-A56F-A0678AB0F3E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"962CCED8-E321-4878-9BE6-0DC33778559A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B08B97A-5D4D-405B-A1C4-9E327E4EED35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*\", \"matchCriteriaId\": \"738C1061-E8B8-4924-AFE9-5E59F22CA4A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*\", \"matchCriteriaId\": \"9071DC8C-D0AA-448E-82BF-7C801199193F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D3E38C1-808C-4BD3-993D-F30855F5390F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"72194CB7-FFDC-4897-9D6E-EA3459DDDEB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"92F35C19-5AD2-4F98-8313-2E880714DF3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B4A4960-0241-4BF4-8857-8B7BE33466B6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"38A40E03-F915-4888-87B0-5950F75F097D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r3:-:*:*:*:*:*\", \"matchCriteriaId\": \"D1CAEBD2-2E46-44B5-B1D1-1DDBD450FD27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"565AE6D8-28A9-4A62-A886-5BAB954695D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C366F93-BB30-4144-99AE-40B676977834\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"488BB10A-1360-42E5-A68D-23D51B332850\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E889BF9C-BDDF-4A6A-97BB-00A097EF6D91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"9689695F-53EB-4B35-9072-750E7282B011\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D45F2C3-20FF-4A91-A440-E109B3CCE7C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"11E055AC-5626-4EBB-8611-17BB1E8AEF15\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"988D317A-0646-491F-9B97-853E8E208276\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E0CE79A-157D-47DE-BE65-936BC12470EB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0A756E2-C320-405A-B24F-7C5022649E5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*\", \"matchCriteriaId\": \"90BF177D-A895-4D05-B674-B27420A5DC6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"21B7820C-01D2-401C-9E6D-C83994FD5961\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D2FBD29-2CAC-41B4-9336-671373EF4A7C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AB8585E-EDC6-4400-BEE3-3A6A7C922C90\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEC6BBCF-6429-4BD8-9728-4A1B0616D7C9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"12.3\", \"matchCriteriaId\": \"CEE60500-EC4A-466A-A0B8-26337AC3CCBB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"09771B8F-8B2A-4E8B-B4D3-80677697FCF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*\", \"matchCriteriaId\": \"55E2F909-E1CC-45AA-ABA9-58178B751808\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1AA12C5-4520-4F79-80BE-66112F7AFC2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*\", \"matchCriteriaId\": \"807C8110-5CC2-45F0-B094-BBF9C0B63BDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*\", \"matchCriteriaId\": \"547E5737-D385-49B9-A69F-A3B185A34116\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*\", \"matchCriteriaId\": \"2ED257ED-A56B-48A6-8568-65F36FFFC753\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"74500FC7-EE82-4AA8-9A5F-15DE4835E337\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAE14AE1-6756-4831-A8D5-A6D07DB24AF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"A545D686-25FD-47CD-838A-CF69FB707253\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*\", \"matchCriteriaId\": \"39427B97-EB80-46BE-A5D0-90CCEC1DD207\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*\", \"matchCriteriaId\": \"131CBAB6-8222-4CDC-AEC8-8AD1AD507C61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*\", \"matchCriteriaId\": \"81BEA7EA-FF95-425B-9245-21927E1F30C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB013C0D-893D-4A71-AF86-B63DB4464784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A3CB6CF-A22B-43F8-8E92-6268BBF7E644\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*\", \"matchCriteriaId\": \"E77B6650-6316-41D1-9EA3-4429DD972628\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:d48:*:*:*:*:*:*\", \"matchCriteriaId\": \"E03E379C-BC08-4FB7-9C01-41F75DFD281F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"When configuring a stateless firewall filter in Junos OS, terms named using the format \\\"internal-n\\\" (e.g. \\\"internal-1\\\", \\\"internal-2\\\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2.\"}, {\"lang\": \"es\", \"value\": \"Cuando se configura un filtro de cortafuegos sin estado en Junos OS, los t\\u00e9rminos nombrados con el formato \\\"internal-n\\\" (por ejemplo, \\\"internal-1\\\", \\\"internal-2\\\", etc.) se ignoran en silencio. No se emite ninguna advertencia durante la configuraci\\u00f3n, y la configuraci\\u00f3n se realiza sin errores, pero los criterios de filtrado coincidir\\u00e1n con todos los paquetes, lo que dar\\u00e1 lugar a resultados inesperados. Las versiones afectadas de Juniper Networks Junos OS son: todas las versiones anteriores e incluyendo 12.3; 14.1X53 versiones anteriores a 14.1X53-D130, 14.1X53-D49; 15.1 versiones anteriores a 15.1F6-S12, 15.1R7-S4; 15.1X49 versiones anteriores a 15.1X49-D161, 15.1X49-D170; 15.1X53 versiones anteriores a 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versiones anteriores a 16.1R7-S4, 16.1R7-S5; 16.2 versiones anteriores a 16.2R2-S9; 17.1 versiones anteriores a 17.1R3; 17.2 versiones anteriores a 17.2R1-S8, 17.2R3-S1; 17.3 versiones anteriores a 17.3R3-S4; 17.4 versiones anteriores a 17.4R1-S7, 17.4R2-S3; 18.1 versiones anteriores a 18.1R2-S4, 18.1R3-S4; 18.2 versiones anteriores a 18.2R1-S5, 18.2R2-S1; 18.2X75 versiones anteriores a 18.2X75-D40; 18.3 versiones anteriores a 18.3R1-S3; 18.4 versiones anteriores a 18.4R1-S1, 18.4R1-S2.\"}]",
"id": "CVE-2019-0036",
"lastModified": "2024-11-21T04:16:05.940",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-04-10T20:29:00.757",
"references": "[{\"url\": \"https://kb.juniper.net/JSA10925\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA10925\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-754\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-0036\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2019-04-10T20:29:00.757\",\"lastModified\":\"2024-11-21T04:16:05.940\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When configuring a stateless firewall filter in Junos OS, terms named using the format \\\"internal-n\\\" (e.g. \\\"internal-1\\\", \\\"internal-2\\\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2.\"},{\"lang\":\"es\",\"value\":\"Cuando se configura un filtro de cortafuegos sin estado en Junos OS, los t\u00e9rminos nombrados con el formato \\\"internal-n\\\" (por ejemplo, \\\"internal-1\\\", \\\"internal-2\\\", etc.) se ignoran en silencio. No se emite ninguna advertencia durante la configuraci\u00f3n, y la configuraci\u00f3n se realiza sin errores, pero los criterios de filtrado coincidir\u00e1n con todos los paquetes, lo que dar\u00e1 lugar a resultados inesperados. Las versiones afectadas de Juniper Networks Junos OS son: todas las versiones anteriores e incluyendo 12.3; 14.1X53 versiones anteriores a 14.1X53-D130, 14.1X53-D49; 15.1 versiones anteriores a 15.1F6-S12, 15.1R7-S4; 15.1X49 versiones anteriores a 15.1X49-D161, 15.1X49-D170; 15.1X53 versiones anteriores a 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versiones anteriores a 16.1R7-S4, 16.1R7-S5; 16.2 versiones anteriores a 16.2R2-S9; 17.1 versiones anteriores a 17.1R3; 17.2 versiones anteriores a 17.2R1-S8, 17.2R3-S1; 17.3 versiones anteriores a 17.3R3-S4; 17.4 versiones anteriores a 17.4R1-S7, 17.4R2-S3; 18.1 versiones anteriores a 18.1R2-S4, 18.1R3-S4; 18.2 versiones anteriores a 18.2R1-S5, 18.2R2-S1; 18.2X75 versiones anteriores a 18.2X75-D40; 18.3 versiones anteriores a 18.3R1-S3; 18.4 versiones anteriores a 18.4R1-S1, 18.4R1-S2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"285CD1E5-C6D3-470A-8556-653AFF74D0F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C56F5C48-BA48-4EE1-88BE-782B3CFB3B90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C56E6C3-BBB6-4853-91D9-99C7676D0CD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E0ECBD8-3D66-49DA-A557-5695159F0C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EAA2998-A0D6-4818-9E7C-25E8099403E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D211B9-B2FE-4324-AAEE-8825D5238E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E6CD065-EC06-4846-BD2A-D3CA7866070F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7620D01-1A6B-490F-857E-0D803E0AEE56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"08FC0245-A4FF-42C0-A236-8569301E351A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"120EA9E3-788B-4CFD-A74F-17111FFD0131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s1:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"F13BC7FE-9DE8-424F-B542-11ACAC3FBC06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s2:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD300A7F-356B-4A72-B9BE-92ADFA33EBF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s4:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"C92BF5DD-0C64-4305-801D-B79F611D3DBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s5:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC6D8CAA-8801-4B51-B0B9-25D5F9338345\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s6:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE5829DE-300B-464B-81B1-12808B5AEC56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s7:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9594BDF9-1B9A-4843-AED8-B718A34A6C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s8:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE62DD4-B904-4FD4-B7FB-6E3384DDBF35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s9:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"A35CA1B8-5C58-48F9-899F-91C79930AFD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s10:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"025FBD33-6649-403C-822E-3BDA94A20FA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1f6-s11:f6:*:*:*:*:*:*\",\"matchCriteriaId\":\"98B0BD67-A60F-40E4-9FF4-DF129ABE1556\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\",\"matchCriteriaId\":\"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*\",\"matchCriteriaId\":\"8830C4BC-2B3D-4CCF-A37E-79C2D46159BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*\",\"matchCriteriaId\":\"E288F54B-AEA3-412F-85A4-EBDFE74DB84F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"18468579-0195-4DDE-BAA5-4BE4068F3A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"870244F3-1C05-4F10-A205-5189BB860F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"235EE40B-AA15-4F39-8087-A051F4F70995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"17330544-3AFC-463E-A146-2840A8AE17D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"884E4A85-ED42-4391-9FDD-9052F957743A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"1901864B-688B-4352-A587-4B96B4E49FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B6670FB-9F5A-469B-97F2-074C28572065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\",\"matchCriteriaId\":\"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\",\"matchCriteriaId\":\"4323D874-C317-4D76-8E2D-C82376D84CBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56067DA-EBA9-481A-B60B-52148584EFBD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E87C765-8D68-404A-AC71-3F22A7260E8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E3B807C-196D-42B8-9042-7582A1366772\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*\",\"matchCriteriaId\":\"83FEEE8F-9279-46F2-BAF9-A60537020C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBD36C0D-0F44-4349-968D-4CD60F281D84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E364FE2-5FB1-4E14-8DF5-CA21F4BFBBC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F22C4C2-20E0-428F-A9BF-37E8BD63A9E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*\",\"matchCriteriaId\":\"71334963-7BF1-49DB-84E6-D6F2A927458B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d233:*:*:*:*:*:*\",\"matchCriteriaId\":\"E773AA7F-AB97-488A-B73D-682FB5553B31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F294E43-73FA-4EF3-90F2-EE29C56D6573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDDE1048-BFEA-4A3E-8270-27C538A68837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC517CD0-FF35-498F-AD33-683B43CA3829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*\",\"matchCriteriaId\":\"53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B5ED13-F998-447C-8FEA-047FE9FE2F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"65F3CD2A-D5E1-4EFF-9013-6D81B396F765\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d495:*:*:*:*:*:*\",\"matchCriteriaId\":\"723FD85C-C763-4017-B6BF-0CA707997D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*\",\"matchCriteriaId\":\"3978B35D-5745-47BC-A56F-A0678AB0F3E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"962CCED8-E321-4878-9BE6-0DC33778559A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B08B97A-5D4D-405B-A1C4-9E327E4EED35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*\",\"matchCriteriaId\":\"738C1061-E8B8-4924-AFE9-5E59F22CA4A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*\",\"matchCriteriaId\":\"9071DC8C-D0AA-448E-82BF-7C801199193F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3E38C1-808C-4BD3-993D-F30855F5390F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"72194CB7-FFDC-4897-9D6E-EA3459DDDEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F35C19-5AD2-4F98-8313-2E880714DF3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B4A4960-0241-4BF4-8857-8B7BE33466B6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38A40E03-F915-4888-87B0-5950F75F097D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3:-:*:*:*:*:*\",\"matchCriteriaId\":\"D1CAEBD2-2E46-44B5-B1D1-1DDBD450FD27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"565AE6D8-28A9-4A62-A886-5BAB954695D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C366F93-BB30-4144-99AE-40B676977834\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"488BB10A-1360-42E5-A68D-23D51B332850\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E889BF9C-BDDF-4A6A-97BB-00A097EF6D91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"9689695F-53EB-4B35-9072-750E7282B011\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D45F2C3-20FF-4A91-A440-E109B3CCE7C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E055AC-5626-4EBB-8611-17BB1E8AEF15\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"988D317A-0646-491F-9B97-853E8E208276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E0CE79A-157D-47DE-BE65-936BC12470EB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A756E2-C320-405A-B24F-7C5022649E5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*\",\"matchCriteriaId\":\"90BF177D-A895-4D05-B674-B27420A5DC6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"21B7820C-01D2-401C-9E6D-C83994FD5961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D2FBD29-2CAC-41B4-9336-671373EF4A7C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB8585E-EDC6-4400-BEE3-3A6A7C922C90\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEC6BBCF-6429-4BD8-9728-4A1B0616D7C9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.3\",\"matchCriteriaId\":\"CEE60500-EC4A-466A-A0B8-26337AC3CCBB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"09771B8F-8B2A-4E8B-B4D3-80677697FCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"55E2F909-E1CC-45AA-ABA9-58178B751808\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1AA12C5-4520-4F79-80BE-66112F7AFC2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"807C8110-5CC2-45F0-B094-BBF9C0B63BDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*\",\"matchCriteriaId\":\"547E5737-D385-49B9-A69F-A3B185A34116\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ED257ED-A56B-48A6-8568-65F36FFFC753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"74500FC7-EE82-4AA8-9A5F-15DE4835E337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAE14AE1-6756-4831-A8D5-A6D07DB24AF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"A545D686-25FD-47CD-838A-CF69FB707253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*\",\"matchCriteriaId\":\"39427B97-EB80-46BE-A5D0-90CCEC1DD207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*\",\"matchCriteriaId\":\"131CBAB6-8222-4CDC-AEC8-8AD1AD507C61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*\",\"matchCriteriaId\":\"81BEA7EA-FF95-425B-9245-21927E1F30C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB013C0D-893D-4A71-AF86-B63DB4464784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A3CB6CF-A22B-43F8-8E92-6268BBF7E644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*\",\"matchCriteriaId\":\"E77B6650-6316-41D1-9EA3-4429DD972628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:d48:*:*:*:*:*:*\",\"matchCriteriaId\":\"E03E379C-BC08-4FB7-9C01-41F75DFD281F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA10925\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA10925\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…