VAR-201801-1077
Vulnerability from variot - Updated: 2023-12-18 13:19On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX series; 12.3X48 versions prior to 12.3X48-D55 on SRX series; 15.1X49 versions prior to 15.1X49-D100 on SRX series. Juniper Networks Junos OS Contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. Juniper Junos is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Juniper SRX Series is an SRX series firewall device of Juniper Networks (Juniper Networks). Junos is an operating system that runs on it
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1077",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "junos",
"scope": "eq",
"trust": 1.9,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.3,
"vendor": "juniper",
"version": "15.1x49"
},
{
"model": "junos",
"scope": "eq",
"trust": 1.3,
"vendor": "juniper",
"version": "12.3x48"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "15.1x49-d100"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "12.1x46-d71"
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "12.3x48-d55"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "12.3x48 (srx)"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "12.1x46 (srx)"
},
{
"model": "junos os",
"scope": "lt",
"trust": 0.8,
"vendor": "juniper",
"version": "15.1x49 (srx)"
},
{
"model": "srx series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos 15.1x49-d80",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d70",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d60",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d45",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d67",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d66",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d65",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d60",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d55",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d51",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d50",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d46",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d45",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d40",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d37",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d36",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 15.1x49-d100",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.3x48-d55",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x46-d71",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "102491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0009"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "102491"
}
],
"trust": 0.3
},
"cve": "CVE-2018-0009",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-0009",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-118211",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "sirt@juniper.net",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.2,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-0009",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-0009",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "sirt@juniper.net",
"id": "CVE-2018-0009",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-910",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-118211",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX series; 12.3X48 versions prior to 12.3X48-D55 on SRX series; 15.1X49 versions prior to 15.1X49-D100 on SRX series. Juniper Networks Junos OS Contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. Juniper Junos is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Juniper SRX Series is an SRX series firewall device of Juniper Networks (Juniper Networks). Junos is an operating system that runs on it",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "BID",
"id": "102491"
},
{
"db": "VULHUB",
"id": "VHN-118211"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-0009",
"trust": 2.8
},
{
"db": "BID",
"id": "102491",
"trust": 2.0
},
{
"db": "JUNIPER",
"id": "JSA10836",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1040187",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-910",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-118211",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118211"
},
{
"db": "BID",
"id": "102491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"id": "VAR-201801-1077",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-118211"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:19:16.950000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "JSA10836",
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10836"
},
{
"title": "Juniper SRX series Junos OS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=100180"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "NVD",
"id": "CVE-2018-0009"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102491"
},
{
"trust": 1.7,
"url": "https://kb.juniper.net/jsa10836"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1040187"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0009"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0009"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/us/en/products-services/nos/junos/"
},
{
"trust": 0.3,
"url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10836\u0026cat=sirt_1\u0026actp=list"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118211"
},
{
"db": "BID",
"id": "102491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-118211"
},
{
"db": "BID",
"id": "102491"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-118211"
},
{
"date": "2018-01-10T00:00:00",
"db": "BID",
"id": "102491"
},
{
"date": "2018-03-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"date": "2018-01-10T22:29:01.260000",
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"date": "2017-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-118211"
},
{
"date": "2018-01-10T00:00:00",
"db": "BID",
"id": "102491"
},
{
"date": "2018-03-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001738"
},
{
"date": "2019-10-09T23:30:57.393000",
"db": "NVD",
"id": "CVE-2018-0009"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper Networks Junos OS Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001738"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-910"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…