CVE-2020-1654 (GCVE-0-2020-1654)

Vulnerability from cvelistv5 – Published: 2020-07-17 18:40 – Updated: 2024-09-16 17:32
VLAI?
Summary
On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message that causes this issue may originate both from the HTTP server or the HTTP client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
https://kb.juniper.net/JSA11031 x_refsource_CONFIRM
Impacted products
Vendor Product Version
Juniper Networks Junos OS Unaffected: 18.1 , < 18.1R1 (custom)
Affected: 18.2 , < 18.2R2-S7, 18.2R3-S3 (custom)
Affected: 18.3 , < 18.3R1-S7, 18.3R2-S4, 18.3R3-S1 (custom)
Affected: 18.4 , < 18.4R1-S7, 18.4R2-S4, 18.4R3 (custom)
Affected: 19.1 , < 19.1R1-S5, 19.1R2 (custom)
Affected: 19.2 , < 19.2R1-S2, 19.2R2 (custom)
Affected: 19.3 , < 19.3R2 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:46:29.745Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA11031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "18.1R3-S9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "18.1R1",
              "status": "unaffected",
              "version": "18.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2R2-S7, 18.2R3-S3",
              "status": "affected",
              "version": "18.2",
              "versionType": "custom"
            },
            {
              "lessThan": "18.3R1-S7, 18.3R2-S4, 18.3R3-S1",
              "status": "affected",
              "version": "18.3",
              "versionType": "custom"
            },
            {
              "lessThan": "18.4R1-S7, 18.4R2-S4, 18.4R3",
              "status": "affected",
              "version": "18.4",
              "versionType": "custom"
            },
            {
              "lessThan": "19.1R1-S5, 19.1R2",
              "status": "affected",
              "version": "19.1",
              "versionType": "custom"
            },
            {
              "lessThan": "19.2R1-S2, 19.2R2",
              "status": "affected",
              "version": "19.2",
              "versionType": "custom"
            },
            {
              "lessThan": "19.3R2",
              "status": "affected",
              "version": "19.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue may occur only when ICAP Redirect Service is enabled.\n\nThe examples of minimum config stanza affected by this issue:\n  [services icap-redirect profile \u003cICAP_PROFILE_NAME\u003e]\nin combination with: \n  [security policies from-zone \u003cZONE_NAME\u003e to-zone \u003cZONE_NAME\u003e policy \u003cPOLICY_NAME\u003e then permit application-services \u003cICAP_PROFILE_NAME\u003e]"
        }
      ],
      "datePublic": "2020-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message that causes this issue may originate both from the HTTP server or the HTTP client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-17T18:40:44",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA11031"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 18.1R3-S9, 18.2R2-S7, 18.2R3-S3, 18.3R1-S7, 18.3R2-S4, 18.3R3-S1, 18.4R1-S7, 18.4R2-S4, 18.4R3, 19.1R1-S5, 19.1R2, 19.2R1-S2, 19.2R2, 19.3R2, 19.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA11031",
        "defect": [
          "1460035"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: SRX Series: processing a malformed HTTP message when ICAP redirect service is enabled may can lead to flowd process crash or remote code execution",
      "workarounds": [
        {
          "lang": "en",
          "value": "Disable ICAP redirect service otherwise there are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2020-07-08T07:00:00.000Z",
          "ID": "CVE-2020-1654",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: SRX Series: processing a malformed HTTP message when ICAP redirect service is enabled may can lead to flowd process crash or remote code execution"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "SRX Series",
                            "version_affected": "!\u003c",
                            "version_name": "18.1",
                            "version_value": "18.1R1"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.1",
                            "version_value": "18.1R3-S9"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R2-S7, 18.2R3-S3"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.3",
                            "version_value": "18.3R1-S7, 18.3R2-S4, 18.3R3-S1"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R1-S7, 18.4R2-S4, 18.4R3"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.1",
                            "version_value": "19.1R1-S5, 19.1R2"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.2",
                            "version_value": "19.2R1-S2, 19.2R2"
                          },
                          {
                            "platform": "SRX Series",
                            "version_affected": "\u003c",
                            "version_name": "19.3",
                            "version_value": "19.3R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue may occur only when ICAP Redirect Service is enabled.\n\nThe examples of minimum config stanza affected by this issue:\n  [services icap-redirect profile \u003cICAP_PROFILE_NAME\u003e]\nin combination with: \n  [security policies from-zone \u003cZONE_NAME\u003e to-zone \u003cZONE_NAME\u003e policy \u003cPOLICY_NAME\u003e then permit application-services \u003cICAP_PROFILE_NAME\u003e]"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message that causes this issue may originate both from the HTTP server or the HTTP client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120 Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11031",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA11031"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 18.1R3-S9, 18.2R2-S7, 18.2R3-S3, 18.3R1-S7, 18.3R2-S4, 18.3R3-S1, 18.4R1-S7, 18.4R2-S4, 18.4R3, 19.1R1-S5, 19.1R2, 19.2R1-S2, 19.2R2, 19.3R2, 19.4R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA11031",
          "defect": [
            "1460035"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Disable ICAP redirect service otherwise there are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2020-1654",
    "datePublished": "2020-07-17T18:40:45.036381Z",
    "dateReserved": "2019-11-04T00:00:00",
    "dateUpdated": "2024-09-16T17:32:52.751Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DFDD907-5305-4602-8A9C-685AA112C342\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0A756E2-C320-405A-B24F-7C5022649E5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"84F5BCBA-404B-4BC9-B363-CE6D231B0D6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18A4CA3E-DA61-49CC-8476-3A476CCB2B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7380B3E-09F5-4497-86C6-11EF56BD89F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"658841A9-BEC9-433E-81D0-47DE82887C4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AD05209-1274-4F8A-9FA2-A1A8DFCC5755\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C97683B3-A07B-428F-9535-C49B55305679\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A14CE132-C56B-43D8-A248-AB6A2D1A7B6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"73978DD8-BD92-4872-8F35-AF2B9BCA1ECB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"7988CE92-71D2-4EEC-B596-4A60E2C1136A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"330D176F-8DAD-440C-A623-44FA233FAB01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r3-s8:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CC5EAB8-1364-4325-9F01-BE7CC479C29D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"167EEC4F-729E-47C2-B0F8-E8108CE3E985\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*\", \"matchCriteriaId\": \"90BF177D-A895-4D05-B674-B27420A5DC6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"42203801-E2E7-4DCF-ABBB-D23A91B2A9FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"238EC996-8E8C-4332-916F-09E54E6EBB9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F711936-33A1-47FC-A6A0-A63088915815\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"21B7820C-01D2-401C-9E6D-C83994FD5961\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D2FBD29-2CAC-41B4-9336-671373EF4A7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEFCDA90-67E2-4AEF-800C-1D29A9121B8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"74B99981-840F-4DAD-976A-5DAEFE9FB93D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDD3ADB9-35FF-41D3-92BD-98D6D4826B03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r2-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"341F2459-8335-40E9-A2B3-BE804D319F95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B670F988-78F2-4BC6-B7FC-E34C280F67DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r3-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F9451C7-6466-4AC9-9A7F-90A2817AED6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"871CA952-C5EC-4A25-8EF0-C2EC484F7DE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5342C3DC-D640-47AB-BD76-3444852988A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AB8585E-EDC6-4400-BEE3-3A6A7C922C90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2ABC574-B3FC-4025-B50D-7F9EEB28C806\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F6EAFC3-C3AC-4361-8530-39FCF89702F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B363298-315C-4FD5-9417-C5B82883A224\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB08FF7B-01F5-4A19-858E-E2CD19D61A62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EBD361C-8B4D-43EF-8B82-9FE165D8206E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E7539C4-6208-43EB-9A0B-4852D0CE0FA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"35299B02-DC75-458D-B86D-8A0DB95B06AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFB29C9B-9729-43EB-AF98-AF44038DA711\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"853F146A-9A0F-49B6-AFD2-9907434212F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F73B88B-E66C-4ACD-B38D-9365FB230ABA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"C012CD07-706A-4E1C-B399-C55AEF5C8309\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0C26E59-874A-4D87-9E7F-E366F4D65ED1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D59D7A31-128B-4034-862B-8EF3CE3EE949\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C5E097B-B79E-4E6A-9291-C8CB9674FED5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"819FA3ED-F934-4B20-BC0E-D638ACCB7787\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D7D773A-4988-4D7C-A105-1885EBE14426\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"768C0EB7-8456-4BF4-8598-3401A54D21DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5332B70A-F6B0-4C3B-90E2-5CBFB3326126\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"81439FE8-5405-45C2-BC04-9823D2009A77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E506138D-043E-485D-B485-94A2AB75F8E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EF3C901-3599-463F-BEFB-8858768DC195\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD806778-A995-4A9B-9C05-F4D7B1CB1F7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CA3060F-1800-4A06-A453-FB8CE4B65312\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"59006503-B2CA-4F79-AC13-7C5615A74CE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message that causes this issue may originate both from the HTTP server or the HTTP client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1.\"}, {\"lang\": \"es\", \"value\": \"En Juniper Networks SRX Series con el servicio de redireccionamiento ICAP (Internet Content Adaptation Protocol) habilitado, el procesamiento de un mensaje HTTP malformado puede conllevar a un procesamiento Continuado de Denegaci\\u00f3n de Servicio (DoS) o Ejecuci\\u00f3n de C\\u00f3digo Remota (RCE) de este mensaje HTTP malformado puede resultar en una condici\\u00f3n de Denegaci\\u00f3n de Servicio (DoS) extendida. El mensaje HTTP ofensivo que causa este problema puede originarse tanto en el servidor HTTP como en el cliente HTTP. Este problema afecta a Juniper Networks Junos OS en la Serie SRX: versiones 18.1 anteriores a 18.1R3-S9; versiones 18.2 anteriores a 18.2R2-S7, 18.2R3-S3; versiones 18.3 anteriores a 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; versiones 18.4 anteriores a 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versiones anteriores a 19.1R1-S5, 19.1R2; versiones 19.2 anteriores a 19.2R1-S2, 19.2R2; versiones 19.3 anteriores a 19.3R2. Este problema no afecta a Juniper Networks Junos OS versiones anteriores a 18.1R1\"}]",
      "id": "CVE-2020-1654",
      "lastModified": "2024-11-21T05:11:05.710",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-07-17T19:15:13.983",
      "references": "[{\"url\": \"https://kb.juniper.net/JSA11031\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA11031\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-1654\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2020-07-17T19:15:13.983\",\"lastModified\":\"2024-11-21T05:11:05.710\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message that causes this issue may originate both from the HTTP server or the HTTP client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1.\"},{\"lang\":\"es\",\"value\":\"En Juniper Networks SRX Series con el servicio de redireccionamiento ICAP (Internet Content Adaptation Protocol) habilitado, el procesamiento de un mensaje HTTP malformado puede conllevar a un procesamiento Continuado de Denegaci\u00f3n de Servicio (DoS) o Ejecuci\u00f3n de C\u00f3digo Remota (RCE) de este mensaje HTTP malformado puede resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) extendida. El mensaje HTTP ofensivo que causa este problema puede originarse tanto en el servidor HTTP como en el cliente HTTP. Este problema afecta a Juniper Networks Junos OS en la Serie SRX: versiones 18.1 anteriores a 18.1R3-S9; versiones 18.2 anteriores a 18.2R2-S7, 18.2R3-S3; versiones 18.3 anteriores a 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; versiones 18.4 anteriores a 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versiones anteriores a 19.1R1-S5, 19.1R2; versiones 19.2 anteriores a 19.2R1-S2, 19.2R2; versiones 19.3 anteriores a 19.3R2. Este problema no afecta a Juniper Networks Junos OS versiones anteriores a 18.1R1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DFDD907-5305-4602-8A9C-685AA112C342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A756E2-C320-405A-B24F-7C5022649E5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"84F5BCBA-404B-4BC9-B363-CE6D231B0D6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18A4CA3E-DA61-49CC-8476-3A476CCB2B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7380B3E-09F5-4497-86C6-11EF56BD89F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"658841A9-BEC9-433E-81D0-47DE82887C4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AD05209-1274-4F8A-9FA2-A1A8DFCC5755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C97683B3-A07B-428F-9535-C49B55305679\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A14CE132-C56B-43D8-A248-AB6A2D1A7B6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"73978DD8-BD92-4872-8F35-AF2B9BCA1ECB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"7988CE92-71D2-4EEC-B596-4A60E2C1136A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"330D176F-8DAD-440C-A623-44FA233FAB01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CC5EAB8-1364-4325-9F01-BE7CC479C29D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"167EEC4F-729E-47C2-B0F8-E8108CE3E985\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*\",\"matchCriteriaId\":\"90BF177D-A895-4D05-B674-B27420A5DC6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"42203801-E2E7-4DCF-ABBB-D23A91B2A9FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"238EC996-8E8C-4332-916F-09E54E6EBB9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F711936-33A1-47FC-A6A0-A63088915815\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"21B7820C-01D2-401C-9E6D-C83994FD5961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D2FBD29-2CAC-41B4-9336-671373EF4A7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEFCDA90-67E2-4AEF-800C-1D29A9121B8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"74B99981-840F-4DAD-976A-5DAEFE9FB93D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD3ADB9-35FF-41D3-92BD-98D6D4826B03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r2-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"341F2459-8335-40E9-A2B3-BE804D319F95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B670F988-78F2-4BC6-B7FC-E34C280F67DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F9451C7-6466-4AC9-9A7F-90A2817AED6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"871CA952-C5EC-4A25-8EF0-C2EC484F7DE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5342C3DC-D640-47AB-BD76-3444852988A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB8585E-EDC6-4400-BEE3-3A6A7C922C90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2ABC574-B3FC-4025-B50D-7F9EEB28C806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F6EAFC3-C3AC-4361-8530-39FCF89702F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B363298-315C-4FD5-9417-C5B82883A224\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB08FF7B-01F5-4A19-858E-E2CD19D61A62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EBD361C-8B4D-43EF-8B82-9FE165D8206E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E7539C4-6208-43EB-9A0B-4852D0CE0FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"35299B02-DC75-458D-B86D-8A0DB95B06AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB29C9B-9729-43EB-AF98-AF44038DA711\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"853F146A-9A0F-49B6-AFD2-9907434212F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F73B88B-E66C-4ACD-B38D-9365FB230ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C012CD07-706A-4E1C-B399-C55AEF5C8309\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0C26E59-874A-4D87-9E7F-E366F4D65ED1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D59D7A31-128B-4034-862B-8EF3CE3EE949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C5E097B-B79E-4E6A-9291-C8CB9674FED5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"819FA3ED-F934-4B20-BC0E-D638ACCB7787\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D7D773A-4988-4D7C-A105-1885EBE14426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"768C0EB7-8456-4BF4-8598-3401A54D21DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5332B70A-F6B0-4C3B-90E2-5CBFB3326126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"81439FE8-5405-45C2-BC04-9823D2009A77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E506138D-043E-485D-B485-94A2AB75F8E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF3C901-3599-463F-BEFB-8858768DC195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD806778-A995-4A9B-9C05-F4D7B1CB1F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA3060F-1800-4A06-A453-FB8CE4B65312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"59006503-B2CA-4F79-AC13-7C5615A74CE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11031\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA11031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.