cvelistv5 - cve-2019-0055

CVE-2019-0055 (GCVE-0-2019-0055)

Vulnerability from cvelistv5 – Published: 2019-10-09 19:26 – Updated: 2024-09-16 22:08

Summary

A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-130 - Improper Handling of Length Parameter Inconsistency

Assigner

juniper

References

URL

Tags

	https://kb.juniper.net/JSA10953	x_refsource_MISC
	https://www.juniper.net/documentation/en_US/junos…	mailing-listx_refsource_MLIST

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS	Affected: 12.3X48 , < 12.3X48-D61, 12.3X48-D65 (custom) Affected: 15.1X49 , < 15.1X49-D130 (custom) Affected: 17.3 , < 17.3R3 (custom) Affected: 17.4 , < 17.4R2 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10953"
          },
          {
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "12.3X48-D61, 12.3X48-D65",
              "status": "affected",
              "version": "12.3X48",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1X49-D130",
              "status": "affected",
              "version": "15.1X49",
              "versionType": "custom"
            },
            {
              "lessThan": "17.3R3",
              "status": "affected",
              "version": "17.3",
              "versionType": "custom"
            },
            {
              "lessThan": "17.4R2",
              "status": "affected",
              "version": "17.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue only affects SRX Series devices where SIP ALG is enabled.\nThe following minimum configuration is required: \n  set security alg sip"
        }
      ],
      "datePublic": "2019-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-130",
              "description": "CWE-130 Improper Handling of Length Parameter Inconsistency",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-09T19:26:17",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.juniper.net/JSA10953"
        },
        {
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2, 18.1R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10953",
        "defect": [
          "1329170"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Disable SIP ALG if this is not needed, otherwise there are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
          "ID": "CVE-2019-0055",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "12.3X48",
                            "version_value": "12.3X48-D61, 12.3X48-D65"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1X49",
                            "version_value": "15.1X49-D130"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "17.3",
                            "version_value": "17.3R3"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "17.4",
                            "version_value": "17.4R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue only affects SRX Series devices where SIP ALG is enabled.\nThe following minimum configuration is required: \n  set security alg sip"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.6"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-130 Improper Handling of Length Parameter Inconsistency"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10953",
              "refsource": "MISC",
              "url": "https://kb.juniper.net/JSA10953"
            },
            {
              "name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html",
              "refsource": "MLIST",
              "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2, 18.1R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10953",
          "defect": [
            "1329170"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Disable SIP ALG if this is not needed, otherwise there are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2019-0055",
    "datePublished": "2019-10-09T19:26:17.374648Z",
    "dateReserved": "2018-10-11T00:00:00",
    "dateUpdated": "2024-09-16T22:08:51.402Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4AC2E1E-74FB-4DA3-8292-B2079F83FF54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E296274-AFC1-4F56-A4B3-827C2E0BC9D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C82799B-BD25-4359-9E3D-4D7CA7367525\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"094485FF-960C-4533-A2AF-6C4D420D260D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8BE3661-1DE5-4F57-9384-68C1B34F6812\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6C694C6-C58C-4513-91E8-6CC22A2386E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B65EF51-ED97-4973-94C4-8F66C553F190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EE7C08A-2A4B-4A84-AD95-A890913E2EE3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD647C15-A686-4C8F-A766-BC29404C0FED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB1622-1AED-4CD7-98F1-67779CDFC321\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89276D88-3B8D-4168-A2CD-0920297485F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"746C3882-2A5B-4215-B259-EB1FD60C513D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62FC145A-D477-4C86-89E7-F70F52773801\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F474D4-79B6-4525-983C-9A9011BD958B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"27A6BF09-ABBF-4126-ADD6-B174937F8554\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\", \"matchCriteriaId\": \"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\", \"matchCriteriaId\": \"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"18468579-0195-4DDE-BAA5-4BE4068F3A69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\", \"matchCriteriaId\": \"870244F3-1C05-4F10-A205-5189BB860F46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\", \"matchCriteriaId\": \"235EE40B-AA15-4F39-8087-A051F4F70995\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\", \"matchCriteriaId\": \"17330544-3AFC-463E-A146-2840A8AE17D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\", \"matchCriteriaId\": \"884E4A85-ED42-4391-9FDD-9052F957743A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\", \"matchCriteriaId\": \"1901864B-688B-4352-A587-4B96B4E49FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\", \"matchCriteriaId\": \"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B6670FB-9F5A-469B-97F2-074C28572065\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\", \"matchCriteriaId\": \"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\", \"matchCriteriaId\": \"4323D874-C317-4D76-8E2D-C82376D84CBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\", \"matchCriteriaId\": \"F56067DA-EBA9-481A-B60B-52148584EFBD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD647C15-A686-4C8F-A766-BC29404C0FED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB1622-1AED-4CD7-98F1-67779CDFC321\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89276D88-3B8D-4168-A2CD-0920297485F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"746C3882-2A5B-4215-B259-EB1FD60C513D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62FC145A-D477-4C86-89E7-F70F52773801\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F474D4-79B6-4525-983C-9A9011BD958B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A283D32F-1CAF-4A5A-83E1-585F2801771F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"32F83E8B-A816-4F26-95F8-F0DA7F3DF426\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C433359-BC8B-4E69-BE74-A31EB148083A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD647C15-A686-4C8F-A766-BC29404C0FED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB1622-1AED-4CD7-98F1-67779CDFC321\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89276D88-3B8D-4168-A2CD-0920297485F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"746C3882-2A5B-4215-B259-EB1FD60C513D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62FC145A-D477-4C86-89E7-F70F52773801\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F474D4-79B6-4525-983C-9A9011BD958B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A00CA6FB-8F28-4171-B510-8DBA351E80C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"988D317A-0646-491F-9B97-853E8E208276\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"605F1AD7-5B09-44F0-9017-15AB3EEE559C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E4EB6B0-8DB2-4199-96E4-30195D49F756\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D8A8E33-473A-4A40-A7B7-47086BB9012A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0F65DCA-34B9-4CE8-91C9-426AAAEB4097\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD647C15-A686-4C8F-A766-BC29404C0FED\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB1622-1AED-4CD7-98F1-67779CDFC321\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89276D88-3B8D-4168-A2CD-0920297485F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"746C3882-2A5B-4215-B259-EB1FD60C513D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62FC145A-D477-4C86-89E7-F70F52773801\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F474D4-79B6-4525-983C-9A9011BD958B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el servicio de procesamiento de paquetes ALG SIP de Juniper Networks Junos OS, permite a un atacante causar una Denegaci\\u00f3n de servicio (DoS) al dispositivo mediante el env\\u00edo de tipos espec\\u00edficos de tr\\u00e1fico SIP v\\u00e1lido hacia el dispositivo. En este caso, el proceso flowd se bloquea y genera un volcado de n\\u00facleo cuando se procesan el tr\\u00e1fico ALG SIP. La recepci\\u00f3n continua de estos paquetes SIP v\\u00e1lidos resultar\\u00e1 en una condici\\u00f3n de denegaci\\u00f3n de servicio (DoS) sostenida. Este problema afecta a: Juniper Networks OS de Junos: versiones 12.3X48 anteriores a 12.3X48-D61, 12.3X48-D65 en la serie SRX; versiones 15.1X49 anteriores a 15.1X49-D130 en la serie SRX; versiones 17.3 anteriores a 17.3R3 en la serie SRX; versiones 17.4 anteriores a 17.4R2 en la serie SRX.\"}]",
      "id": "CVE-2019-0055",
      "lastModified": "2024-11-21T04:16:08.957",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-10-09T20:15:16.473",
      "references": "[{\"url\": \"https://kb.juniper.net/JSA10953\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA10953\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-130\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-0055\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2019-10-09T20:15:16.473\",\"lastModified\":\"2024-11-21T04:16:08.957\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el servicio de procesamiento de paquetes ALG SIP de Juniper Networks Junos OS, permite a un atacante causar una Denegaci\u00f3n de servicio (DoS) al dispositivo mediante el env\u00edo de tipos espec\u00edficos de tr\u00e1fico SIP v\u00e1lido hacia el dispositivo. En este caso, el proceso flowd se bloquea y genera un volcado de n\u00facleo cuando se procesan el tr\u00e1fico ALG SIP. La recepci\u00f3n continua de estos paquetes SIP v\u00e1lidos resultar\u00e1 en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sostenida. Este problema afecta a: Juniper Networks OS de Junos: versiones 12.3X48 anteriores a 12.3X48-D61, 12.3X48-D65 en la serie SRX; versiones 15.1X49 anteriores a 15.1X49-D130 en la serie SRX; versiones 17.3 anteriores a 17.3R3 en la serie SRX; versiones 17.4 anteriores a 17.4R2 en la serie SRX.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-130\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4AC2E1E-74FB-4DA3-8292-B2079F83FF54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E296274-AFC1-4F56-A4B3-827C2E0BC9D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C82799B-BD25-4359-9E3D-4D7CA7367525\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"094485FF-960C-4533-A2AF-6C4D420D260D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8BE3661-1DE5-4F57-9384-68C1B34F6812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6C694C6-C58C-4513-91E8-6CC22A2386E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B65EF51-ED97-4973-94C4-8F66C553F190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE7C08A-2A4B-4A84-AD95-A890913E2EE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A6BF09-ABBF-4126-ADD6-B174937F8554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D90D8985-34EF-44CC-A9A7-CB0FD22676F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*\",\"matchCriteriaId\":\"856A5668-FA4F-44E9-A3F0-BE4979F631E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2459ED-DFA5-4701-AF92-C2928C3BD64D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"18468579-0195-4DDE-BAA5-4BE4068F3A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5FAA97-171F-4DB9-B78E-6E1A5F34336A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*\",\"matchCriteriaId\":\"870244F3-1C05-4F10-A205-5189BB860F46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*\",\"matchCriteriaId\":\"235EE40B-AA15-4F39-8087-A051F4F70995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*\",\"matchCriteriaId\":\"17330544-3AFC-463E-A146-2840A8AE17D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABA301F-7866-42A5-8391-E07BEAFF06FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*\",\"matchCriteriaId\":\"884E4A85-ED42-4391-9FDD-9052F957743A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*\",\"matchCriteriaId\":\"1901864B-688B-4352-A587-4B96B4E49FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B6670FB-9F5A-469B-97F2-074C28572065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*\",\"matchCriteriaId\":\"71198992-83AA-4E28-BA7D-A3C1897B5E2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*\",\"matchCriteriaId\":\"4323D874-C317-4D76-8E2D-C82376D84CBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56067DA-EBA9-481A-B60B-52148584EFBD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A283D32F-1CAF-4A5A-83E1-585F2801771F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F83E8B-A816-4F26-95F8-F0DA7F3DF426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C433359-BC8B-4E69-BE74-A31EB148083A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A00CA6FB-8F28-4171-B510-8DBA351E80C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"988D317A-0646-491F-9B97-853E8E208276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"605F1AD7-5B09-44F0-9017-15AB3EEE559C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E4EB6B0-8DB2-4199-96E4-30195D49F756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D8A8E33-473A-4A40-A7B7-47086BB9012A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F65DCA-34B9-4CE8-91C9-426AAAEB4097\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11D4A86D-BDB4-4A01-96FE-7E023C58074B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B10DFCE-5331-4D79-8D9F-EF84743493D3\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA10953\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA10953\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2019-AVI-500

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Produits NFX, Junos OS versions antérieures à 18.2R1, 18.2X75-D5
Produits CTP, CTPView versions antérieures à 7.3R6
Produits EX, Junos OS versions antérieures à 12.3R12-S15
Produits SRX
- Junos OS versions antérieures à 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, à partir de la version 18.2R2-S1 et antérieures à 18.2R3, 18.4R2, ainsi que les versions antérieures à 18.2R3, 19.2R1 pour la série SRX 5000
- Junos OS avec J-Web activé versions antérieures à 12.3X48-D85, 15.1X49-D180
- Junos OS avec SIP ALG activé versions antérieures à 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2
Produits MX
- Junos OS gamme MX480, MX960, MX2008, MX2010, MX2020 versions antérieures à 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ultérieures, versions antérieures à 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2
- Junos OS avec DHCPv6 activé versions antérieures à 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions antérieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R
Toutes séries
- Junos OS versions antérieures à 15.1F6-S12, 15.1R7-S2, 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2
- Junos OS avec J-Web activé versions antérieures à 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS sur des équipements avec l'option Multi-Chassis Link Aggregation Group (MC-LAG) activée, versions ultérieures à 15.1 et antérieures à 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10962 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10954 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10953 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10957 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10952 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10965 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10964 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10960 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10963 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10958 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10959 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10966 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10956 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10955 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10961 du 10 octobre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eProduits NFX, Junos OS versions ant\u00e9rieures \u00e0 18.2R1, 18.2X75-D5\u003c/li\u003e \u003cli\u003eProduits CTP, CTPView versions ant\u00e9rieures \u00e0 7.3R6\u003c/li\u003e \u003cli\u003eProduits EX, Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15\u003c/li\u003e \u003cli\u003eProduits SRX \u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, \u00e0 partir de la version 18.2R2-S1 et ant\u00e9rieures \u00e0 18.2R3, 18.4R2, ainsi que les versions ant\u00e9rieures \u00e0 18.2R3, 19.2R1 pour la s\u00e9rie SRX 5000\u003c/li\u003e \u003cli\u003eJunos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D85, 15.1X49-D180\u003c/li\u003e \u003cli\u003eJunos OS avec SIP ALG activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eProduits MX \u003cul\u003e \u003cli\u003eJunos OS gamme\u00a0MX480, MX960, MX2008, MX2010, MX2020 versions ant\u00e9rieures \u00e0 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ult\u00e9rieures, versions ant\u00e9rieures \u00e0 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2\u003c/li\u003e \u003cli\u003eJunos OS avec DHCPv6 activ\u00e9 versions ant\u00e9rieures \u00e0 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2\u003c/li\u003e \u003cli\u003eJunos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions ant\u00e9rieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eToutes s\u00e9ries \u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 15.1F6-S12, 15.1R7-S2,\u00a0 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590,\u00a0 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2\u003c/li\u003e \u003cli\u003eJunos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2\u003c/li\u003e \u003cli\u003eJunos OS sur des \u00e9quipements avec l\u0027option Multi-Chassis Link Aggregation Group (MC-LAG) activ\u00e9e, versions ult\u00e9rieures \u00e0 15.1 et ant\u00e9rieures \u00e0 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003c/ul\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0061"
    },
    {
      "name": "CVE-2019-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0054"
    },
    {
      "name": "CVE-2019-0058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0058"
    },
    {
      "name": "CVE-2019-0056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0056"
    },
    {
      "name": "CVE-2019-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0062"
    },
    {
      "name": "CVE-2016-10011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10011"
    },
    {
      "name": "CVE-2016-10009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
    },
    {
      "name": "CVE-2019-0057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0057"
    },
    {
      "name": "CVE-2019-0067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0067"
    },
    {
      "name": "CVE-2019-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0063"
    },
    {
      "name": "CVE-2019-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0064"
    },
    {
      "name": "CVE-2016-10010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10010"
    },
    {
      "name": "CVE-2018-20685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20685"
    },
    {
      "name": "CVE-2016-10012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10012"
    },
    {
      "name": "CVE-2015-8325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8325"
    },
    {
      "name": "CVE-2019-0065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0065"
    },
    {
      "name": "CVE-2019-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0059"
    },
    {
      "name": "CVE-2019-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0055"
    },
    {
      "name": "CVE-2019-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0060"
    },
    {
      "name": "CVE-2019-0066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0066"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-500",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-10-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10962 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10962\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10954 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10954\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10953 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10953\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10957 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10957\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10952 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10952\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10965 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10965\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10964 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10964\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10960 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10960\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10963 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10963\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10958 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10958\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10959 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10959\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10966 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10966\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10956 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10956\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10955 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10955\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10961 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10961\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2019-AVI-500

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Produits NFX, Junos OS versions antérieures à 18.2R1, 18.2X75-D5
Produits CTP, CTPView versions antérieures à 7.3R6
Produits EX, Junos OS versions antérieures à 12.3R12-S15
Produits SRX
- Junos OS versions antérieures à 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, à partir de la version 18.2R2-S1 et antérieures à 18.2R3, 18.4R2, ainsi que les versions antérieures à 18.2R3, 19.2R1 pour la série SRX 5000
- Junos OS avec J-Web activé versions antérieures à 12.3X48-D85, 15.1X49-D180
- Junos OS avec SIP ALG activé versions antérieures à 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2
Produits MX
- Junos OS gamme MX480, MX960, MX2008, MX2010, MX2020 versions antérieures à 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ultérieures, versions antérieures à 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2
- Junos OS avec DHCPv6 activé versions antérieures à 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions antérieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R
Toutes séries
- Junos OS versions antérieures à 15.1F6-S12, 15.1R7-S2, 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2
- Junos OS avec J-Web activé versions antérieures à 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS sur des équipements avec l'option Multi-Chassis Link Aggregation Group (MC-LAG) activée, versions ultérieures à 15.1 et antérieures à 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10962 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10954 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10953 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10957 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10952 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10965 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10964 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10960 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10963 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10958 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10959 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10966 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10956 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10955 du 10 octobre 2019	None	vendor-advisory
Bulletin de sécurité Juniper JSA10961 du 10 octobre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eProduits NFX, Junos OS versions ant\u00e9rieures \u00e0 18.2R1, 18.2X75-D5\u003c/li\u003e \u003cli\u003eProduits CTP, CTPView versions ant\u00e9rieures \u00e0 7.3R6\u003c/li\u003e \u003cli\u003eProduits EX, Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15\u003c/li\u003e \u003cli\u003eProduits SRX \u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, \u00e0 partir de la version 18.2R2-S1 et ant\u00e9rieures \u00e0 18.2R3, 18.4R2, ainsi que les versions ant\u00e9rieures \u00e0 18.2R3, 19.2R1 pour la s\u00e9rie SRX 5000\u003c/li\u003e \u003cli\u003eJunos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D85, 15.1X49-D180\u003c/li\u003e \u003cli\u003eJunos OS avec SIP ALG activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eProduits MX \u003cul\u003e \u003cli\u003eJunos OS gamme\u00a0MX480, MX960, MX2008, MX2010, MX2020 versions ant\u00e9rieures \u00e0 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ult\u00e9rieures, versions ant\u00e9rieures \u00e0 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2\u003c/li\u003e \u003cli\u003eJunos OS avec DHCPv6 activ\u00e9 versions ant\u00e9rieures \u00e0 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2\u003c/li\u003e \u003cli\u003eJunos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions ant\u00e9rieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eToutes s\u00e9ries \u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 15.1F6-S12, 15.1R7-S2,\u00a0 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590,\u00a0 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2\u003c/li\u003e \u003cli\u003eJunos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2\u003c/li\u003e \u003cli\u003eJunos OS sur des \u00e9quipements avec l\u0027option Multi-Chassis Link Aggregation Group (MC-LAG) activ\u00e9e, versions ult\u00e9rieures \u00e0 15.1 et ant\u00e9rieures \u00e0 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003c/ul\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0061"
    },
    {
      "name": "CVE-2019-0054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0054"
    },
    {
      "name": "CVE-2019-0058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0058"
    },
    {
      "name": "CVE-2019-0056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0056"
    },
    {
      "name": "CVE-2019-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0062"
    },
    {
      "name": "CVE-2016-10011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10011"
    },
    {
      "name": "CVE-2016-10009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
    },
    {
      "name": "CVE-2019-0057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0057"
    },
    {
      "name": "CVE-2019-0067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0067"
    },
    {
      "name": "CVE-2019-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0063"
    },
    {
      "name": "CVE-2019-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0064"
    },
    {
      "name": "CVE-2016-10010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10010"
    },
    {
      "name": "CVE-2018-20685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-20685"
    },
    {
      "name": "CVE-2016-10012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-10012"
    },
    {
      "name": "CVE-2015-8325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8325"
    },
    {
      "name": "CVE-2019-0065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0065"
    },
    {
      "name": "CVE-2019-0059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0059"
    },
    {
      "name": "CVE-2019-0055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0055"
    },
    {
      "name": "CVE-2019-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0060"
    },
    {
      "name": "CVE-2019-0066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0066"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-500",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-10-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10962 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10962\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10954 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10954\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10953 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10953\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10957 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10957\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10952 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10952\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10965 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10965\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10964 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10964\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10960 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10960\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10963 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10963\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10958 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10958\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10959 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10959\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10966 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10966\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10956 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10956\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10955 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10955\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10961 du 10 octobre 2019",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10961\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

GSD-2019-0055

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-0055

Aliases

CVE-2019-0055

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-0055",
    "description": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.",
    "id": "GSD-2019-0055"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-0055"
      ],
      "details": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.",
      "id": "GSD-2019-0055",
      "modified": "2023-12-13T01:23:40.161182Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
        "ID": "CVE-2019-0055",
        "STATE": "PUBLIC",
        "TITLE": "Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled."
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003c",
                          "version_name": "12.3X48",
                          "version_value": "12.3X48-D61, 12.3X48-D65"
                        },
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003c",
                          "version_name": "15.1X49",
                          "version_value": "15.1X49-D130"
                        },
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003c",
                          "version_name": "17.3",
                          "version_value": "17.3R3"
                        },
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003c",
                          "version_name": "17.4",
                          "version_value": "17.4R2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "This issue only affects SRX Series devices where SIP ALG is enabled.\nThe following minimum configuration is required: \n  set security alg sip \n"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-130 Improper Handling of Length Parameter Inconsistency "
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA10953",
            "refsource": "MISC",
            "url": "https://kb.juniper.net/JSA10953"
          },
          {
            "name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html",
            "refsource": "MLIST",
            "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2, 18.1R1, and all subsequent releases.\n"
        }
      ],
      "source": {
        "advisory": "JSA10953",
        "defect": [
          "1329170"
        ],
        "discovery": "USER"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "Disable SIP ALG if this is not needed, otherwise there are no viable workarounds for this issue."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2019-0055"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10953",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10953"
            },
            {
              "name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html",
              "refsource": "MLIST",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-10-28T12:43Z",
      "publishedDate": "2019-10-09T20:15Z"
    }
  }
}

GHSA-VP5M-4998-8G6P

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2022-05-24 16:58

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-0055"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-09T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series.",
  "id": "GHSA-vp5m-4998-8g6p",
  "modified": "2022-05-24T16:58:11Z",
  "published": "2022-05-24T16:58:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0055"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10953"
    },
    {
      "type": "WEB",
      "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2019-0055

Vulnerability from fkie_nvd - Published: 2019-10-09 20:15 - Updated: 2024-11-21 04:16

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
sirt@juniper.net	https://kb.juniper.net/JSA10953	Vendor Advisory
sirt@juniper.net	https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10953	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	junos	12.3x48
juniper	csrx	-
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx1500	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx300	-
juniper	srx320	-
juniper	srx340	-
juniper	srx3400	-
juniper	srx345	-
juniper	srx3600	-
juniper	srx4100	-
juniper	srx4200	-
juniper	srx4600	-
juniper	srx5400	-
juniper	srx550	-
juniper	srx550_hm	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-
juniper	vsrx	-
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	csrx	-
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx1500	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx300	-
juniper	srx320	-
juniper	srx340	-
juniper	srx3400	-
juniper	srx345	-
juniper	srx3600	-
juniper	srx4100	-
juniper	srx4200	-
juniper	srx4600	-
juniper	srx5400	-
juniper	srx550	-
juniper	srx550_hm	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-
juniper	vsrx	-
juniper	junos	17.3
juniper	junos	17.3
juniper	junos	17.3
juniper	junos	17.3
juniper	csrx	-
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx1500	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx300	-
juniper	srx320	-
juniper	srx340	-
juniper	srx3400	-
juniper	srx345	-
juniper	srx3600	-
juniper	srx4100	-
juniper	srx4200	-
juniper	srx4600	-
juniper	srx5400	-
juniper	srx550	-
juniper	srx550_hm	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-
juniper	vsrx	-
juniper	junos	17.4
juniper	junos	17.4
juniper	junos	17.4
juniper	junos	17.4
juniper	junos	17.4
juniper	junos	17.4
juniper	junos	17.4
juniper	csrx	-
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx1500	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx300	-
juniper	srx320	-
juniper	srx340	-
juniper	srx3400	-
juniper	srx345	-
juniper	srx3600	-
juniper	srx4100	-
juniper	srx4200	-
juniper	srx4600	-
juniper	srx5400	-
juniper	srx550	-
juniper	srx550_hm	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-
juniper	vsrx	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
              "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
              "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
              "matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
              "matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
              "matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
              "matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
              "matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
              "matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
              "matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
              "matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
              "matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
              "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
              "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
              "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
              "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
              "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
              "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
              "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
              "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
              "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
              "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
              "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
              "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
              "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
              "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "9D8A8E33-473A-4A40-A7B7-47086BB9012A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*",
              "matchCriteriaId": "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el servicio de procesamiento de paquetes ALG SIP de Juniper Networks Junos OS, permite a un atacante causar una Denegaci\u00f3n de servicio (DoS) al dispositivo mediante el env\u00edo de tipos espec\u00edficos de tr\u00e1fico SIP v\u00e1lido hacia el dispositivo. En este caso, el proceso flowd se bloquea y genera un volcado de n\u00facleo cuando se procesan el tr\u00e1fico ALG SIP. La recepci\u00f3n continua de estos paquetes SIP v\u00e1lidos resultar\u00e1 en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sostenida. Este problema afecta a: Juniper Networks OS de Junos: versiones 12.3X48 anteriores a 12.3X48-D61, 12.3X48-D65 en la serie SRX; versiones 15.1X49 anteriores a 15.1X49-D130 en la serie SRX; versiones 17.3 anteriores a 17.3R3 en la serie SRX; versiones 17.4 anteriores a 17.4R2 en la serie SRX."
    }
  ],
  "id": "CVE-2019-0055",
  "lastModified": "2024-11-21T04:16:08.957",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-09T20:15:16.473",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10953"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10953"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-130"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-0055 (GCVE-0-2019-0055)

CERTFR-2019-AVI-500

Solution

CERTFR-2019-AVI-500

Solution

GSD-2019-0055

GHSA-VP5M-4998-8G6P

FKIE_CVE-2019-0055

Tags

Sightings

Nomenclature