Vulnerabilites related to juniper - srx4300
Vulnerability from fkie_nvd
Published
2016-03-09 23:59
Modified
2025-04-12 10:46
Severity ?
Summary
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", matchCriteriaId: "A842D7E6-54A8-44C8-A241-1CE8B7B8BDAE", versionEndExcluding: "9.9.8", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", matchCriteriaId: "D4B076C1-84ED-4924-B65A-994A23B78345", versionEndExcluding: "9.10.3", versionStartIncluding: "9.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:-:*:*:*:*:*:*", matchCriteriaId: "B41581B6-E576-4273-A2B8-CDB1AD1497B2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:p2:*:*:*:*:*:*", matchCriteriaId: "B02B1665-1283-4B0B-9AD2-827C8BEFCF3B", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:p3:*:*:*:*:*:*", matchCriteriaId: "A7CE97C3-AE65-407B-B209-9809923732AF", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:rc1:*:*:*:*:*:*", matchCriteriaId: "86C0C8FC-6004-4DFF-919C-068DEC26FA6D", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:-:*:*:*:*:*:*", matchCriteriaId: "D4C46844-7B97-4EBA-9B9D-715498B5FEEB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:beta1:*:*:*:*:*:*", matchCriteriaId: "BF170094-2C93-4630-A827-C2335D75425B", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:p1:*:*:*:*:*:*", matchCriteriaId: "88359A5D-CE32-4920-BE5D-98EC262B41EB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:p2:*:*:*:*:*:*", matchCriteriaId: "B77760E4-57C5-4A5E-A169-C84409930757", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:p3:*:*:*:*:*:*", matchCriteriaId: "24E9CBCA-241C-4EF6-8C0C-FA32E81B8B7C", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*", matchCriteriaId: "893ACAAC-406E-4A1C-970B-A15B42961271", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", matchCriteriaId: "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*", matchCriteriaId: "FD4EEF7C-CC33-4494-8531-7C0CC28A8823", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3CBED083-B935-4C47-BBDA-F39D8EA277ED", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*", matchCriteriaId: "BD6136E8-74DE-48AF-A8AB-B0E93D34870C", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", matchCriteriaId: "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", matchCriteriaId: "2076747F-A98E-4DD9-9B52-BF1732BCAD3D", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "D41A798E-0D69-43C7-9A63-1E5921138EAC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", matchCriteriaId: "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*", matchCriteriaId: "92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*", matchCriteriaId: "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*", matchCriteriaId: "4FD4237A-C257-4D8A-ABC4-9B2160530A4E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*", matchCriteriaId: "5A449C87-C5C3-48FE-9E46-64ED5DD5F193", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*", matchCriteriaId: "F4B6215F-76BF-473F-B325-0975B0EB101E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*", matchCriteriaId: "A1C4A10C-49A3-4103-9E56-F881113BC5D7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*", matchCriteriaId: "50E7FD07-A309-48EC-A520-C7F0FA35865C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*", matchCriteriaId: "F868948A-04D7-473B-971F-721302653633", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*", matchCriteriaId: "830A9EBA-88F1-4277-B98F-75AC52A60824", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:*", matchCriteriaId: "BFA2ADAB-E486-4DBB-8B84-CC095D102278", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:*", matchCriteriaId: "9ACD0C03-ACD9-4D47-B3EE-1D8753FF5A83", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:*", matchCriteriaId: "0DD32D8A-7531-4691-B45D-9EACC69A23D6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:*", matchCriteriaId: "76DFA52F-5B2E-47DA-9A8E-7D17A7413929", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d66:*:*:*:*:*:*", matchCriteriaId: "4D363E73-ABC4-4E9F-9E7B-86087D3A3F9B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d67:*:*:*:*:*:*", matchCriteriaId: "A7502F95-BADC-432A-B7BE-8E9931FA1448", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d70:*:*:*:*:*:*", matchCriteriaId: "9451CD3F-BF4E-4BBC-AD00-660BE2B313C9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d71:*:*:*:*:*:*", matchCriteriaId: "C63E8B17-250D-4D74-9A1F-2F3577D9A071", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d72:*:*:*:*:*:*", matchCriteriaId: "801AB7D7-3407-4F8B-83C4-CC16076DB0E6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d73:*:*:*:*:*:*", matchCriteriaId: "FA4104D4-3FA2-4936-ACBD-06B0BD0B9E4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d76:*:*:*:*:*:*", matchCriteriaId: "090BB276-C169-4A41-B03D-0EC40D20E8BF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d77:*:*:*:*:*:*", matchCriteriaId: "51732A2B-52E2-4356-8409-5CB6D79F23DE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46-d10:*:*:*:*:*:*:*", matchCriteriaId: "A6390879-1AB9-4B11-A8A8-6B914F52EB83", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46-d76:-:*:*:*:*:*:*", matchCriteriaId: "D6A2BAF7-8D71-474C-9F72-FF5DABC69749", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*", matchCriteriaId: "AC1FED64-8725-4978-9EBF-E3CD8EF338E4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*", matchCriteriaId: "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*", matchCriteriaId: "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*", matchCriteriaId: "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*", matchCriteriaId: "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*", matchCriteriaId: "3C82799B-BD25-4359-9E3D-4D7CA7367525", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*", matchCriteriaId: "094485FF-960C-4533-A2AF-6C4D420D260D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*", matchCriteriaId: "F8BE3661-1DE5-4F57-9384-68C1B34F6812", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*", matchCriteriaId: "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*", matchCriteriaId: "C6C694C6-C58C-4513-91E8-6CC22A2386E3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*", matchCriteriaId: "64A0CCD4-91BA-440E-A14C-48E67D1F03A1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*", matchCriteriaId: "6B65EF51-ED97-4973-94C4-8F66C553F190", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*", matchCriteriaId: "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*", matchCriteriaId: "44C61900-680C-4C74-8B96-ACC93FE9465E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d66:*:*:*:*:*:*", matchCriteriaId: "6A793CCD-397E-45DA-9349-D01C69AB96D9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*", matchCriteriaId: "B6C38637-ABE0-419A-A053-CBE076766551", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*", matchCriteriaId: "1F87EF0D-E609-4D4A-B228-CEF05C753E68", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", matchCriteriaId: "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*", matchCriteriaId: "856A5668-FA4F-44E9-A3F0-BE4979F631E2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*", matchCriteriaId: "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*", matchCriteriaId: "FA2459ED-DFA5-4701-AF92-C2928C3BD64D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*", matchCriteriaId: "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d131:*:*:*:*:*:*", matchCriteriaId: "40D42ACF-860C-4B47-8E25-7DEC30FB8064", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*", matchCriteriaId: "C808E08F-1992-43DD-A106-E920DC784831", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*", matchCriteriaId: "C8C94365-988C-4A14-8E49-846152FDC666", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*", matchCriteriaId: "E288F54B-AEA3-412F-85A4-EBDFE74DB84F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*", matchCriteriaId: "02AAC05C-1C4B-4F35-A286-52D20DFD6212", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*", matchCriteriaId: "080422D3-B508-4049-B558-4B04BF2E8AB4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d180:*:*:*:*:*:*", matchCriteriaId: "2FAFD8F8-CBD2-45CA-BD3C-875C8FA1D778", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", matchCriteriaId: "18468579-0195-4DDE-BAA5-4BE4068F3A69", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d25:*:*:*:*:*:*", matchCriteriaId: "6825F6BA-B48F-4E02-938F-6B297E21BA07", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", matchCriteriaId: "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", matchCriteriaId: "870244F3-1C05-4F10-A205-5189BB860F46", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", matchCriteriaId: "235EE40B-AA15-4F39-8087-A051F4F70995", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", matchCriteriaId: "17330544-3AFC-463E-A146-2840A8AE17D2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", matchCriteriaId: "8ABA301F-7866-42A5-8391-E07BEAFF06FA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", matchCriteriaId: "884E4A85-ED42-4391-9FDD-9052F957743A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", matchCriteriaId: "1901864B-688B-4352-A587-4B96B4E49FB1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", matchCriteriaId: "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*", matchCriteriaId: "1B6670FB-9F5A-469B-97F2-074C28572065", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*", matchCriteriaId: "71198992-83AA-4E28-BA7D-A3C1897B5E2B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*", matchCriteriaId: "4323D874-C317-4D76-8E2D-C82376D84CBE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*", matchCriteriaId: "F56067DA-EBA9-481A-B60B-52148584EFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*", matchCriteriaId: "A283D32F-1CAF-4A5A-83E1-585F2801771F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*", matchCriteriaId: "38A40E03-F915-4888-87B0-5950F75F097D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "C52E355B-DA7D-4FDE-B2D7-A3C3C9C99918", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r1-s4:*:*:*:*:*:*", matchCriteriaId: "267A3603-BC18-442E-803A-4CAEB6493433", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*", matchCriteriaId: "69FC46D4-39E2-4E2F-A1D3-1001769A7115", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "32F83E8B-A816-4F26-95F8-F0DA7F3DF426", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2C433359-BC8B-4E69-BE74-A31EB148083A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*", matchCriteriaId: "BCA2976C-C84B-40D9-A806-588629BFFB13", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s4:*:*:*:*:*:*", matchCriteriaId: "A2C7B980-033E-40AC-98C9-B252733B0F43", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s5:*:*:*:*:*:*", matchCriteriaId: "BA8D32E4-1892-46DC-9782-5466A14E18D9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*", matchCriteriaId: "25C7C3D0-A203-4979-8375-A610ADD48E9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3:-:*:*:*:*:*", matchCriteriaId: "D1CAEBD2-2E46-44B5-B1D1-1DDBD450FD27", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "565AE6D8-28A9-4A62-A886-5BAB954695D8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "0C366F93-BB30-4144-99AE-40B676977834", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*", matchCriteriaId: "488BB10A-1360-42E5-A68D-23D51B332850", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*", matchCriteriaId: "64988F0A-E02C-455B-99C9-4059C896416F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s5:*:*:*:*:*:*", matchCriteriaId: "DC2ACA85-FA89-40F0-A2AD-778E1CB02A91", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s6:*:*:*:*:*:*", matchCriteriaId: "9F431D3D-5D55-45A9-98E8-00CB1D4C0196", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*", matchCriteriaId: "A00CA6FB-8F28-4171-B510-8DBA351E80C0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", matchCriteriaId: "988D317A-0646-491F-9B97-853E8E208276", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "605F1AD7-5B09-44F0-9017-15AB3EEE559C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s3:*:*:*:*:*:*", matchCriteriaId: "DF3F9F86-166F-45E4-92B7-3DD3B06199F3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*", matchCriteriaId: "4E4EB6B0-8DB2-4199-96E4-30195D49F756", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s5:*:*:*:*:*:*", matchCriteriaId: "204FC7B5-9CF2-4AC2-9B8D-DA48CAEA6496", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*", matchCriteriaId: "9D8A8E33-473A-4A40-A7B7-47086BB9012A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*", matchCriteriaId: "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*", matchCriteriaId: "0E0CE79A-157D-47DE-BE65-936BC12470EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "05060C06-18C1-40E8-AE01-385B036CC9AA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s10:*:*:*:*:*:*", matchCriteriaId: "341417EE-71C2-465C-96CA-65B2B5B63FF0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s11:*:*:*:*:*:*", matchCriteriaId: "A701A73D-A795-47DD-8EB5-55D1CDF67A49", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s12:*:*:*:*:*:*", matchCriteriaId: "CC1EE8D6-8963-49D8-84C7-C9406B04D9EC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s13:*:*:*:*:*:*", matchCriteriaId: "03BCD35E-29D3-4F8C-ABE9-32C7010FD796", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "0C752783-4843-407B-AF33-0E1D36FCAAF8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s3:*:*:*:*:*:*", matchCriteriaId: "006EE425-A146-4E10-B050-7E754BB8402A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*", matchCriteriaId: "2B482BCC-1F0C-47AA-B63B-1B39CEF7B2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s5:*:*:*:*:*:*", matchCriteriaId: "A636F9F2-2DA7-4A27-AD80-FD1B34DFCA94", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s6:*:*:*:*:*:*", matchCriteriaId: "4EC7D216-D8F3-4ABD-97C9-4C9FB6DF64FF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s7:*:*:*:*:*:*", matchCriteriaId: "5E327643-D8D8-4EFA-9F38-BA862A919501", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s8:*:*:*:*:*:*", matchCriteriaId: "1BC6CE1C-9DD8-429E-BDC2-251D8C8674E3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s9:*:*:*:*:*:*", matchCriteriaId: "63B00B4F-3E65-4CB2-807D-43908B570AE6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*", matchCriteriaId: "0DFDD907-5305-4602-8A9C-685AA112C342", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", matchCriteriaId: "B0A756E2-C320-405A-B24F-7C5022649E5A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", matchCriteriaId: "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "18A4CA3E-DA61-49CC-8476-3A476CCB2B83", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*", matchCriteriaId: "A7380B3E-09F5-4497-86C6-11EF56BD89F1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*", matchCriteriaId: "658841A9-BEC9-433E-81D0-47DE82887C4F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5AD05209-1274-4F8A-9FA2-A1A8DFCC5755", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s13:*:*:*:*:*:*", matchCriteriaId: "F144834D-7FC0-4B60-AFCB-AD86BA121719", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "C97683B3-A07B-428F-9535-C49B55305679", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*", matchCriteriaId: "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*", matchCriteriaId: "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s5:*:*:*:*:*:*", matchCriteriaId: "678F57D1-2595-4AF3-BB87-AF2E1FE3CBB9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*", matchCriteriaId: "7988CE92-71D2-4EEC-B596-4A60E2C1136A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*", matchCriteriaId: "330D176F-8DAD-440C-A623-44FA233FAB01", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s8:*:*:*:*:*:*", matchCriteriaId: "8CC5EAB8-1364-4325-9F01-BE7CC479C29D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*", matchCriteriaId: "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*", matchCriteriaId: "167EEC4F-729E-47C2-B0F8-E8108CE3E985", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "0070B31B-59DC-46E9-93E0-1E8BF3560BFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*", matchCriteriaId: "A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*", matchCriteriaId: "42203801-E2E7-4DCF-ABBB-D23A91B2A9FF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*", matchCriteriaId: "238EC996-8E8C-4332-916F-09E54E6EBB9D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2:*:*:*:*:*:*", matchCriteriaId: "5F711936-33A1-47FC-A6A0-A63088915815", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "21B7820C-01D2-401C-9E6D-C83994FD5961", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "3D2FBD29-2CAC-41B4-9336-671373EF4A7C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*", matchCriteriaId: "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*", matchCriteriaId: "74B99981-840F-4DAD-976A-5DAEFE9FB93D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s5:*:*:*:*:*:*", matchCriteriaId: "BDD3ADB9-35FF-41D3-92BD-98D6D4826B03", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s6:*:*:*:*:*:*", matchCriteriaId: "341F2459-8335-40E9-A2B3-BE804D319F95", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s7:*:*:*:*:*:*", matchCriteriaId: "0CD17956-8E8C-489D-927A-5709C05EA705", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s8:*:*:*:*:*:*", matchCriteriaId: "27D9AEBC-2CA3-4E17-9543-D60B10BA2AE1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*", matchCriteriaId: "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*", matchCriteriaId: "5342C3DC-D640-47AB-BD76-3444852988A2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "A2ABC574-B3FC-4025-B50D-7F9EEB28C806", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*", matchCriteriaId: "6F6EAFC3-C3AC-4361-8530-39FCF89702F7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s4:*:*:*:*:*:*", matchCriteriaId: "92FB1BF6-8852-45D8-817C-36CDBE730801", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*", matchCriteriaId: "6B363298-315C-4FD5-9417-C5B82883A224", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*", matchCriteriaId: "EB08FF7B-01F5-4A19-858E-E2CD19D61A62", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*", matchCriteriaId: "74CA9010-D3DE-487B-B46F-589A48AB0F0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*", matchCriteriaId: "A38F224C-8E9B-44F3-9D4F-6C9F04F57927", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "853F146A-9A0F-49B6-AFD2-9907434212F1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "8F73B88B-E66C-4ACD-B38D-9365FB230ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*", matchCriteriaId: "EE1F82EC-3222-4158-8923-59CDA1909A9C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*", matchCriteriaId: "8FE95D15-B5E5-4E74-9464-C72D8B646A6B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*", matchCriteriaId: "C012CD07-706A-4E1C-B399-C55AEF5C8309", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:juniper:vsrx:-:*:*:*:*:*:*:*", matchCriteriaId: "36F68E75-E6C6-4DB4-AE0E-C5637ECE7C88", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.", }, { lang: "es", value: "named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un registro de firma manipulado para un registro DNAME, relacionada con db.c y resolver.c.", }, ], id: "CVE-2016-1286", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-03-09T23:59:03.147", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035237", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01353", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01380", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01438", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201610-07", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035237", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01353", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01438", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201610-07", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-12 01:15
Modified
2024-11-21 08:54
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.
This issue affects Juniper Networks Junos OS on SRX Series:
* All versions earlier than 20.4R3-S8;
* 21.2 versions earlier than 21.2R3-S6;
* 21.3 versions earlier than 21.3R3-S5;
* 21.4 versions earlier than 21.4R3-S5;
* 22.1 versions earlier than 22.1R3-S3;
* 22.2 versions earlier than 22.2R3-S3;
* 22.3 versions earlier than 22.3R3-S1;
* 22.4 versions earlier than 22.4R2-S2, 22.4R3.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "E3A96966-5060-4139-A124-D4E2C879FD6C", versionEndExcluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", matchCriteriaId: "3D361B23-A3C2-444B-BEB8-E231DA950567", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", matchCriteriaId: "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "037BA01C-3F5C-4503-A633-71765E9EF774", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", matchCriteriaId: "C54B047C-4B38-40C0-9855-067DCF7E48BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "38984199-E332-4A9C-A4C0-78083D052E15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "AA6526FB-2941-4D18-9B2E-472AD5A62A53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", matchCriteriaId: "09876787-A40A-4340-9C12-8628C325353B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "41615104-C17E-44DA-AB0D-6E2053BD4EF4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1981DE38-36B5-469D-917E-92717EE3ED53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "65948ABC-22BB-46D5-8545-0806EDB4B86E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "283E41CB-9A90-4521-96DC-F31AA592CFD8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", matchCriteriaId: "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*", matchCriteriaId: "977DEF80-0DB5-4828-97AC-09BB3111D585", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4A43752D-A4AF-4B4E-B95B-192E42883A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "42986538-E9D0-4C2E-B1C4-A763A4EE451B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E596ABD9-6ECD-48DC-B770-87B7E62EA345", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "71745D02-D226-44DC-91AD-678C85F5E6FC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "39E44B09-7310-428C-8144-AE9DB0484D1F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", matchCriteriaId: "53938295-8999-4316-9DED-88E24D037852", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", matchCriteriaId: "2307BF56-640F-49A8-B060-6ACB0F653A61", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", matchCriteriaId: "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", matchCriteriaId: "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "30FF67F8-1E3C-47A8-8859-709B3614BA6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "0C7C507E-C85E-4BC6-A3B0-549516BAB524", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", matchCriteriaId: "6514CDE8-35DC-469F-89A3-078684D18F7A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4624565D-8F59-44A8-B7A8-01AD579745E7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", matchCriteriaId: "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "255B6F20-D32F-42C1-829C-AE9C7923558A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "90AE30DB-C448-4FE9-AC11-FF0F27CDA227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*", matchCriteriaId: "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "09FF5818-0803-4646-A386-D7C645EE58A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "0CB280D8-C5D8-4B51-A879-496ACCDE4538", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "0A5B196A-2AF1-4AE5-9148-A75A572807BC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3B457616-2D91-4913-9A7D-038BBF8F1F66", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", matchCriteriaId: "9D157211-535E-4B2D-B2FE-F697FAFDF65C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", matchCriteriaId: "3F96EBE9-2532-4E35-ABA5-CA68830476A4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "B4D936AE-FD74-4823-A824-2D9F24C25BFB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", matchCriteriaId: "E117E493-F4E1-4568-88E3-F243C74A2662", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", matchCriteriaId: "01E3E308-FD9C-4686-8C35-8472A0E99F0D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "3683A8F5-EE0E-4936-A005-DF7F6B75DED3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "1B615DBA-8C53-41D4-B264-D3EED8578471", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", matchCriteriaId: "B3124DD0-9E42-4896-9060-CB7DD07FC342", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "D49FFB60-BA71-4902-9404-E67162919ADC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", matchCriteriaId: "06156CD6-09D3-4A05-9C5E-BC64A70640F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8D862E6F-0D01-4B25-8340-888C30F75A2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "2F28F73E-8563-41B9-A313-BBAAD5B57A67", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "E37D4694-C80B-475E-AB5B-BB431F59C5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", matchCriteriaId: "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "786F993E-32CB-492A-A7CC-A7E4F48EA8B9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", matchCriteriaId: "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", matchCriteriaId: "19519212-51DD-4448-B115-8A20A40192CC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "5CC9909E-AE9F-414D-99B1-83AA04D5297B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "FDE9E767-4713-4EA2-8D00-1382975A4A15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", matchCriteriaId: "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "574730B0-56C8-4A03-867B-1737148ED9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "20EBC676-1B26-4A71-8326-0F892124290A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*", matchCriteriaId: "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", matchCriteriaId: "1379EF30-AF04-4F98-8328-52A631F24737", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", matchCriteriaId: "28E42A41-7965-456B-B0AF-9D3229CE4D4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "CB1A77D6-D3AD-481B-979C-8F778530B175", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", matchCriteriaId: "40813417-A938-4F74-A419-8C5188A35486", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nA Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).\n\nIn a remote access VPN scenario, if a \"tcp-encap-profile\" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions earlier than 20.4R3-S8;\n * 21.2 versions earlier than 21.2R3-S6;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R3-S3;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S1;\n * 22.4 versions earlier than 22.4R2-S2, 22.4R3.\n\n\n\n\n\n\n", }, { lang: "es", value: "Una vulnerabilidad Double Free en el flow processing daemon (flowd) de Juniper Networks Junos OS en la serie SRX permite que un atacante no autenticado basado en red provoque una denegación de servicio (DoS). En un escenario de VPN de acceso remoto, si se configura un \"tcp-encap-profile\" y se recibe una secuencia de paquetes específicos, se observará una falla fluida y un reinicio. Este problema afecta a Juniper Networks Junos OS en la serie SRX: * Todas las versiones anteriores a 20.4R3-S8; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3-S5; * Versiones 22.1 anteriores a 22.1R3-S3; * Versiones 22.2 anteriores a 22.2R3-S3; * Versiones 22.3 anteriores a 22.3R3-S1; * Versiones 22.4 anteriores a 22.4R2-S2, 22.4R3.", }, ], id: "CVE-2024-21606", lastModified: "2024-11-21T08:54:42.453", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "sirt@juniper.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-12T01:15:48.873", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA75747", }, { source: "sirt@juniper.net", tags: [ "Third Party Advisory", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA75747", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-25 23:15
Modified
2024-11-21 08:54
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system information.
When a user logs in, a temporary file which contains the configuration of the device (as visible to that user) is created in the /cache folder. An unauthenticated attacker can then attempt to access such a file by sending a specific request to the device trying to guess the name of such a file. Successful exploitation will reveal configuration information.
This issue affects Juniper Networks Junos OS on SRX Series and EX Series:
* All versions earlier than 20.4R3-S9;
* 21.2 versions earlier than 21.2R3-S7;
* 21.3 versions earlier than 21.3R3-S5;
* 21.4 versions earlier than 21.4R3-S6;
* 22.1 versions earlier than 22.1R3-S5;
* 22.2 versions earlier than 22.2R3-S3;
* 22.3 versions earlier than 22.3R3-S2;
* 22.4 versions earlier than 22.4R3;
* 23.2 versions earlier than 23.2R1-S2, 23.2R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA76390 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA76390 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "E3A96966-5060-4139-A124-D4E2C879FD6C", versionEndExcluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", matchCriteriaId: "3D361B23-A3C2-444B-BEB8-E231DA950567", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", matchCriteriaId: "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "037BA01C-3F5C-4503-A633-71765E9EF774", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", matchCriteriaId: "C54B047C-4B38-40C0-9855-067DCF7E48BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "38984199-E332-4A9C-A4C0-78083D052E15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "AA6526FB-2941-4D18-9B2E-472AD5A62A53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", matchCriteriaId: "09876787-A40A-4340-9C12-8628C325353B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "41615104-C17E-44DA-AB0D-6E2053BD4EF4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1981DE38-36B5-469D-917E-92717EE3ED53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "65948ABC-22BB-46D5-8545-0806EDB4B86E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "283E41CB-9A90-4521-96DC-F31AA592CFD8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", matchCriteriaId: "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*", matchCriteriaId: "977DEF80-0DB5-4828-97AC-09BB3111D585", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*", matchCriteriaId: "C445622E-8E57-4990-A71A-E1993BFCB91A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4A43752D-A4AF-4B4E-B95B-192E42883A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "42986538-E9D0-4C2E-B1C4-A763A4EE451B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E596ABD9-6ECD-48DC-B770-87B7E62EA345", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "71745D02-D226-44DC-91AD-678C85F5E6FC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "39E44B09-7310-428C-8144-AE9DB0484D1F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", matchCriteriaId: "53938295-8999-4316-9DED-88E24D037852", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", matchCriteriaId: "2307BF56-640F-49A8-B060-6ACB0F653A61", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*", matchCriteriaId: "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", matchCriteriaId: "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", matchCriteriaId: "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "30FF67F8-1E3C-47A8-8859-709B3614BA6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "0C7C507E-C85E-4BC6-A3B0-549516BAB524", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", matchCriteriaId: "6514CDE8-35DC-469F-89A3-078684D18F7A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4624565D-8F59-44A8-B7A8-01AD579745E7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", matchCriteriaId: "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "255B6F20-D32F-42C1-829C-AE9C7923558A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "90AE30DB-C448-4FE9-AC11-FF0F27CDA227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*", matchCriteriaId: "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "09FF5818-0803-4646-A386-D7C645EE58A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "0CB280D8-C5D8-4B51-A879-496ACCDE4538", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "0A5B196A-2AF1-4AE5-9148-A75A572807BC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3B457616-2D91-4913-9A7D-038BBF8F1F66", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "C470FB4E-A927-4AF3-ACB0-AD1E264218B7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", matchCriteriaId: "9D157211-535E-4B2D-B2FE-F697FAFDF65C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", matchCriteriaId: "3F96EBE9-2532-4E35-ABA5-CA68830476A4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "B4D936AE-FD74-4823-A824-2D9F24C25BFB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", matchCriteriaId: "E117E493-F4E1-4568-88E3-F243C74A2662", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", matchCriteriaId: "01E3E308-FD9C-4686-8C35-8472A0E99F0D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "3683A8F5-EE0E-4936-A005-DF7F6B75DED3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "1B615DBA-8C53-41D4-B264-D3EED8578471", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", matchCriteriaId: "B3124DD0-9E42-4896-9060-CB7DD07FC342", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "D49FFB60-BA71-4902-9404-E67162919ADC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*", matchCriteriaId: "EFF72FCA-C440-4D43-9BDB-F712DB413717", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s4:*:*:*:*:*:*", matchCriteriaId: "DE69E9E3-00FC-41BF-9109-617668CF9A0B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", matchCriteriaId: "06156CD6-09D3-4A05-9C5E-BC64A70640F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8D862E6F-0D01-4B25-8340-888C30F75A2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "2F28F73E-8563-41B9-A313-BBAAD5B57A67", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "E37D4694-C80B-475E-AB5B-BB431F59C5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", matchCriteriaId: "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "786F993E-32CB-492A-A7CC-A7E4F48EA8B9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", matchCriteriaId: "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", matchCriteriaId: "19519212-51DD-4448-B115-8A20A40192CC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "5CC9909E-AE9F-414D-99B1-83AA04D5297B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "FDE9E767-4713-4EA2-8D00-1382975A4A15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", matchCriteriaId: "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "574730B0-56C8-4A03-867B-1737148ED9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "20EBC676-1B26-4A71-8326-0F892124290A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*", matchCriteriaId: "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", matchCriteriaId: "1379EF30-AF04-4F98-8328-52A631F24737", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", matchCriteriaId: "28E42A41-7965-456B-B0AF-9D3229CE4D4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "CB1A77D6-D3AD-481B-979C-8F778530B175", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", matchCriteriaId: "40813417-A938-4F74-A419-8C5188A35486", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "EBB967BF-3495-476D-839A-9DBFCBE69F91", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", matchCriteriaId: "1A78CC80-E8B1-4CDA-BB35-A61833657FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", matchCriteriaId: "4B3B2FE1-C228-46BE-AC76-70C2687050AE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F1B16FF0-900F-4AEE-B670-A537139F6909", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:ex_redundant_power_system:-:*:*:*:*:*:*:*", matchCriteriaId: "BFE03C4A-3FA7-43FC-8801-4F1566B54388", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex_rps:-:*:*:*:*:*:*:*", matchCriteriaId: "42877394-A0A1-4136-A1D3-D287BFCC85E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*", matchCriteriaId: "AE3D4F71-8476-4F0D-A976-A308D6483D6D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*", matchCriteriaId: "F7BD5636-93D5-4C06-964F-00055DF6B2B8", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2200-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "D066A90D-F7F2-4EA5-8F0C-D0E189DDB05D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*", matchCriteriaId: "3B3302CB-457F-4BD2-B80B-F70FB4C4542E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-24mp:-:*:*:*:*:*:*:*", matchCriteriaId: "B3A0D9C0-34D3-430F-ABFA-B68010A8825D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-24p:-:*:*:*:*:*:*:*", matchCriteriaId: "5E04B126-F290-4242-BB80-5F573D623E6E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-24t:-:*:*:*:*:*:*:*", matchCriteriaId: "671D9977-7657-48C7-A07C-4AED54380A86", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-48mp:-:*:*:*:*:*:*:*", matchCriteriaId: "0E100C3C-070D-4132-927F-756538B91491", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-48p:-:*:*:*:*:*:*:*", matchCriteriaId: "2032E7DD-96FD-48B7-922C-5FE04675796C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-48t:-:*:*:*:*:*:*:*", matchCriteriaId: "2D907D6A-B7C4-4A10-AA58-0F908575A435", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*", matchCriteriaId: "979C3597-C53B-4F4B-9EA7-126DA036C86D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "332F4692-7E33-4FB6-9DE2-09E0A0068DB2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300m:-:*:*:*:*:*:*:*", matchCriteriaId: "62A536DA-5A57-4255-AB22-F99F8B7FF62A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*", matchCriteriaId: "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*", matchCriteriaId: "FC326549-217D-4194-8310-AB398D6FF3F0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3300-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "D32B9B26-8BF0-4C56-A9BF-D9BBAEA50506", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*", matchCriteriaId: "47DAF5E7-E610-4D74-8573-41C16D642837", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4100:-:*:*:*:*:*:*:*", matchCriteriaId: "C2521C83-E8F2-4621-9727-75BB3FC11E64", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4100-f:-:*:*:*:*:*:*:*", matchCriteriaId: "6F496D19-D28C-4517-90A3-90EC62BC5D79", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4100_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "AC6E4532-5DD9-45D4-996A-37C7E5742856", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*", matchCriteriaId: "53269C69-3D1E-4F05-8EF6-81743D7A699E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4200-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "E0F54ADF-7C13-4AA6-B61E-627D4DBB1CF3", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*", matchCriteriaId: "E594D6DC-87F6-40D2-8268-ED6021462168", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24p:-:*:*:*:*:*:*:*", matchCriteriaId: "7BEA4BC3-093F-4DE6-BED1-2C7D2FC2C8A5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24p-s:-:*:*:*:*:*:*:*", matchCriteriaId: "592377CC-4044-4FDD-A3DF-CBF25754EE4D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24t:-:*:*:*:*:*:*:*", matchCriteriaId: "D12E8275-EF6B-44F9-A7D8-A769CDB5EED5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24t-s:-:*:*:*:*:*:*:*", matchCriteriaId: "D3E63215-246E-49F3-A537-8A90D512DAB0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-32f:-:*:*:*:*:*:*:*", matchCriteriaId: "AD1A5E69-928A-41A0-8B9B-91F307D99854", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-32f-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "2B71953D-016D-4E72-B598-55667A507681", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-32f-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CABBC37B-EB93-424D-A1E7-4686039C0955", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48mp:-:*:*:*:*:*:*:*", matchCriteriaId: "24526B69-E3E3-4249-80A4-A886BED5C07E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48mp-s:-:*:*:*:*:*:*:*", matchCriteriaId: "B2209605-65B6-44B3-9700-9EC543BF2408", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48p:-:*:*:*:*:*:*:*", matchCriteriaId: "C3C348CF-65C1-4A53-8F4F-99B5A4113679", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48p-s:-:*:*:*:*:*:*:*", matchCriteriaId: "60CB5F91-DC40-4D09-BB93-4539B8581877", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t:-:*:*:*:*:*:*:*", matchCriteriaId: "ADE8EB69-95DD-44E9-80A6-F2B5E34BBD5B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-afi:-:*:*:*:*:*:*:*", matchCriteriaId: "EEEDB14F-E74A-4C48-A969-1D22D7F7C7C8", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "CBE3866E-109E-479F-9FFE-3F6E81C0DE7C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:*:*:*:*:*:*:*", matchCriteriaId: "8A17D793-5F01-4818-956D-D6BC5A6C4CEE", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-s:-:*:*:*:*:*:*:*", matchCriteriaId: "EF4C3E8E-C8B4-42A5-8DB6-7E8114FCC030", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48tafi:-:*:*:*:*:*:*:*", matchCriteriaId: "77AF34EC-A154-4042-BE0B-B2BA9EEDEE93", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48tdc:-:*:*:*:*:*:*:*", matchCriteriaId: "E9FD3D9F-B49C-48EC-8AE1-FE3B399809DE", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48tdc-afi:-:*:*:*:*:*:*:*", matchCriteriaId: "10DC1840-7409-4BD0-9522-B55B1166CF9C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-mp:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EECCB3-37B3-4146-8F8C-4BBFF84499E9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "303ADB06-5CB5-44DA-8387-39FACC539EF0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "5B410BA4-181A-4241-A95E-2238CE1627A3", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300m:-:*:*:*:*:*:*:*", matchCriteriaId: "F07B0E0B-D2F2-4CF1-A8EA-A1E8DE83BBB4", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4400:-:*:*:*:*:*:*:*", matchCriteriaId: "4B43F6CB-0595-4957-8B3B-ADD4EA84D8C2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4400-24x:-:*:*:*:*:*:*:*", matchCriteriaId: "1EEC1C95-E6B2-4364-88AD-C69EC00353FE", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4400_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "5D77FA1A-4B09-4184-A03E-AE4831C9BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*", matchCriteriaId: "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4500-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "9D842407-7A13-47C7-BBC9-FB0E978221CB", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*", matchCriteriaId: "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4550-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "0B84C72A-C314-46FB-8DD8-1DF29C6C4B0D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4550\\/vc:-:*:*:*:*:*:*:*", matchCriteriaId: "3612D798-7A5F-4068-A5A2-92173893450E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*", matchCriteriaId: "D1BB20B5-EA30-4E8E-9055-2E629648436A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4600-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "A3ECB975-D1A0-4318-9C5E-752A3C98F76F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*", matchCriteriaId: "2B425BB1-3C78-42B1-A6C1-216E514191F0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex6200:-:*:*:*:*:*:*:*", matchCriteriaId: "F6CC1C89-B37F-4C5F-9F79-12997C79711D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*", matchCriteriaId: "71FF88C7-89CB-4E04-BADA-AD64F8060C6C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8200:-:*:*:*:*:*:*:*", matchCriteriaId: "4AFE829C-325D-4E66-A6A2-A81BE8BCAB72", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8200-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "B74B12A6-1CE2-4293-ABA5-E3F23E15485C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*", matchCriteriaId: "72E67A5A-0DFF-42D9-81A7-570E9BCA463D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*", matchCriteriaId: "B51C5371-51E9-40AE-8619-BC1267DD1D08", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*", matchCriteriaId: "D08A8D94-134A-41E7-8396-70D8B0735E9C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*", matchCriteriaId: "86E82CE3-F43D-4B29-A64D-B14ADB6CC357", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*", matchCriteriaId: "13C0199E-B9F0-41D3-B625-083990517CDF", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*", matchCriteriaId: "8790B456-DFC7-4E82-9A0C-C89787139B79", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9250:-:*:*:*:*:*:*:*", matchCriteriaId: "1CCB1E61-07A1-40B0-B616-F1A6E06D11C4", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*", matchCriteriaId: "079290E9-DCC5-43F7-9480-64874DBF2696", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*", matchCriteriaId: "2EA71434-CCBF-4A55-8B30-D213A43E8641", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system information.\n\nWhen a user logs in, a temporary file which contains the configuration of the device (as visible to that user) is created in the /cache folder. An unauthenticated attacker can then attempt to access such a file by sending a specific request to the device trying to guess the name of such a file. Successful exploitation will reveal configuration information.\n\nThis issue affects Juniper Networks Junos OS on SRX Series and EX Series:\n * All versions earlier than 20.4R3-S9;\n * 21.2 versions earlier than 21.2R3-S7;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S6;\n * 22.1 versions earlier than 22.1R3-S5;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S2;\n * 22.4 versions earlier than 22.4R3;\n * 23.2 versions earlier than 23.2R1-S2, 23.2R2.\n\n\n", }, { lang: "es", value: "Una vulnerabilidad de autenticación faltante para función crítica combinada con una vulnerabilidad de generación de mensaje de error que contiene información confidencial en J-Web de Juniper Networks Junos OS en las series SRX y EX permite que un atacante basado en red no autenticado acceda a información confidencial del sistema. Cuando un usuario inicia sesión, se crea un archivo temporal que contiene la configuración del dispositivo (como es visible para ese usuario) en la carpeta /cache. Un atacante no autenticado puede intentar acceder a dicho archivo enviando una solicitud específica al dispositivo para intentar adivinar el nombre de dicho archivo. La explotación exitosa revelará información de configuración. Este problema afecta a Juniper Networks Junos OS en las series SRX y EX: * Todas las versiones anteriores a 20.4R3-S9; * Versiones 21.2 anteriores a 21.2R3-S7; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3-S6; * Versiones 22.1 anteriores a 22.1R3-S5; * Versiones 22.2 anteriores a 22.2R3-S3; * Versiones 22.3 anteriores a 22.3R3-S2; * Versiones 22.4 anteriores a 22.4R3; * Versiones 23.2 anteriores a 23.2R1-S2, 23.2R2.", }, ], id: "CVE-2024-21619", lastModified: "2024-11-21T08:54:44.270", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "sirt@juniper.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-25T23:15:09.467", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA76390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA76390", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-209", }, { lang: "en", value: "CWE-306", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-209", }, { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-01-25 23:15
Modified
2024-11-21 08:54
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator.
A specific invocation of the emit_debug_note method in webauth_operation.php will echo back the data it receives.
This issue affects Juniper Networks Junos OS on SRX Series and EX Series:
* All versions earlier than 20.4R3-S10;
* 21.2 versions earlier than 21.2R3-S8;
* 21.4 versions earlier than 21.4R3-S6;
* 22.1 versions earlier than 22.1R3-S5;
* 22.2 versions earlier than 22.2R3-S3;
* 22.3 versions earlier than 22.3R3-S2;
* 22.4 versions earlier than 22.4R3-S1;
* 23.2 versions earlier than 23.2R2;
* 23.4 versions earlier than 23.4R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA76390 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA76390 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "E3A96966-5060-4139-A124-D4E2C879FD6C", versionEndExcluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", matchCriteriaId: "3D361B23-A3C2-444B-BEB8-E231DA950567", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", matchCriteriaId: "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "037BA01C-3F5C-4503-A633-71765E9EF774", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", matchCriteriaId: "C54B047C-4B38-40C0-9855-067DCF7E48BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "38984199-E332-4A9C-A4C0-78083D052E15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "AA6526FB-2941-4D18-9B2E-472AD5A62A53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", matchCriteriaId: "09876787-A40A-4340-9C12-8628C325353B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "41615104-C17E-44DA-AB0D-6E2053BD4EF4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1981DE38-36B5-469D-917E-92717EE3ED53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "65948ABC-22BB-46D5-8545-0806EDB4B86E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "283E41CB-9A90-4521-96DC-F31AA592CFD8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", matchCriteriaId: "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*", matchCriteriaId: "977DEF80-0DB5-4828-97AC-09BB3111D585", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*", matchCriteriaId: "C445622E-8E57-4990-A71A-E1993BFCB91A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s9:*:*:*:*:*:*", matchCriteriaId: "0CED6FFE-1854-4BB0-8DB5-D2D756E68CAC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4A43752D-A4AF-4B4E-B95B-192E42883A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "42986538-E9D0-4C2E-B1C4-A763A4EE451B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E596ABD9-6ECD-48DC-B770-87B7E62EA345", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "71745D02-D226-44DC-91AD-678C85F5E6FC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "39E44B09-7310-428C-8144-AE9DB0484D1F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", matchCriteriaId: "53938295-8999-4316-9DED-88E24D037852", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", matchCriteriaId: "2307BF56-640F-49A8-B060-6ACB0F653A61", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*", matchCriteriaId: "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*", matchCriteriaId: "35E0BB39-18AE-4FAD-A528-FDFF6222DDE5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "09FF5818-0803-4646-A386-D7C645EE58A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "0CB280D8-C5D8-4B51-A879-496ACCDE4538", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "0A5B196A-2AF1-4AE5-9148-A75A572807BC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3B457616-2D91-4913-9A7D-038BBF8F1F66", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "C470FB4E-A927-4AF3-ACB0-AD1E264218B7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", matchCriteriaId: "9D157211-535E-4B2D-B2FE-F697FAFDF65C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", matchCriteriaId: "3F96EBE9-2532-4E35-ABA5-CA68830476A4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "B4D936AE-FD74-4823-A824-2D9F24C25BFB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", matchCriteriaId: "E117E493-F4E1-4568-88E3-F243C74A2662", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", matchCriteriaId: "01E3E308-FD9C-4686-8C35-8472A0E99F0D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "3683A8F5-EE0E-4936-A005-DF7F6B75DED3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "1B615DBA-8C53-41D4-B264-D3EED8578471", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", matchCriteriaId: "B3124DD0-9E42-4896-9060-CB7DD07FC342", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "D49FFB60-BA71-4902-9404-E67162919ADC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s3:*:*:*:*:*:*", matchCriteriaId: "EFF72FCA-C440-4D43-9BDB-F712DB413717", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s4:*:*:*:*:*:*", matchCriteriaId: "DE69E9E3-00FC-41BF-9109-617668CF9A0B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", matchCriteriaId: "06156CD6-09D3-4A05-9C5E-BC64A70640F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8D862E6F-0D01-4B25-8340-888C30F75A2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "2F28F73E-8563-41B9-A313-BBAAD5B57A67", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "E37D4694-C80B-475E-AB5B-BB431F59C5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", matchCriteriaId: "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "786F993E-32CB-492A-A7CC-A7E4F48EA8B9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", matchCriteriaId: "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", matchCriteriaId: "19519212-51DD-4448-B115-8A20A40192CC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "5CC9909E-AE9F-414D-99B1-83AA04D5297B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "FDE9E767-4713-4EA2-8D00-1382975A4A15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", matchCriteriaId: "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "574730B0-56C8-4A03-867B-1737148ED9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "20EBC676-1B26-4A71-8326-0F892124290A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*", matchCriteriaId: "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", matchCriteriaId: "1379EF30-AF04-4F98-8328-52A631F24737", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", matchCriteriaId: "28E42A41-7965-456B-B0AF-9D3229CE4D4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "CB1A77D6-D3AD-481B-979C-8F778530B175", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", matchCriteriaId: "40813417-A938-4F74-A419-8C5188A35486", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "EBB967BF-3495-476D-839A-9DBFCBE69F91", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*", matchCriteriaId: "7E5688D6-DCA4-4550-9CD1-A3D792252129", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", matchCriteriaId: "1A78CC80-E8B1-4CDA-BB35-A61833657FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", matchCriteriaId: "4B3B2FE1-C228-46BE-AC76-70C2687050AE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F1B16FF0-900F-4AEE-B670-A537139F6909", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "B227E831-30FF-4BE1-B8B2-31829A5610A6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*", matchCriteriaId: "BE8A5BA3-87BD-473A-B229-2AAB2C797005", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:ex_redundant_power_system:-:*:*:*:*:*:*:*", matchCriteriaId: "BFE03C4A-3FA7-43FC-8801-4F1566B54388", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex_rps:-:*:*:*:*:*:*:*", matchCriteriaId: "42877394-A0A1-4136-A1D3-D287BFCC85E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*", matchCriteriaId: "AE3D4F71-8476-4F0D-A976-A308D6483D6D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*", matchCriteriaId: "F7BD5636-93D5-4C06-964F-00055DF6B2B8", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2200-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "D066A90D-F7F2-4EA5-8F0C-D0E189DDB05D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*", matchCriteriaId: "3B3302CB-457F-4BD2-B80B-F70FB4C4542E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-24mp:-:*:*:*:*:*:*:*", matchCriteriaId: "B3A0D9C0-34D3-430F-ABFA-B68010A8825D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-24p:-:*:*:*:*:*:*:*", matchCriteriaId: "5E04B126-F290-4242-BB80-5F573D623E6E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-24t:-:*:*:*:*:*:*:*", matchCriteriaId: "671D9977-7657-48C7-A07C-4AED54380A86", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-48mp:-:*:*:*:*:*:*:*", matchCriteriaId: "0E100C3C-070D-4132-927F-756538B91491", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-48p:-:*:*:*:*:*:*:*", matchCriteriaId: "2032E7DD-96FD-48B7-922C-5FE04675796C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-48t:-:*:*:*:*:*:*:*", matchCriteriaId: "2D907D6A-B7C4-4A10-AA58-0F908575A435", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*", matchCriteriaId: "979C3597-C53B-4F4B-9EA7-126DA036C86D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "332F4692-7E33-4FB6-9DE2-09E0A0068DB2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex2300m:-:*:*:*:*:*:*:*", matchCriteriaId: "62A536DA-5A57-4255-AB22-F99F8B7FF62A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3200:-:*:*:*:*:*:*:*", matchCriteriaId: "4C7A20FC-A19F-4881-A0E8-C440E9FE60D0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*", matchCriteriaId: "FC326549-217D-4194-8310-AB398D6FF3F0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3300-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "D32B9B26-8BF0-4C56-A9BF-D9BBAEA50506", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*", matchCriteriaId: "47DAF5E7-E610-4D74-8573-41C16D642837", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4100:-:*:*:*:*:*:*:*", matchCriteriaId: "C2521C83-E8F2-4621-9727-75BB3FC11E64", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4100-f:-:*:*:*:*:*:*:*", matchCriteriaId: "6F496D19-D28C-4517-90A3-90EC62BC5D79", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4100_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "AC6E4532-5DD9-45D4-996A-37C7E5742856", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*", matchCriteriaId: "53269C69-3D1E-4F05-8EF6-81743D7A699E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4200-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "E0F54ADF-7C13-4AA6-B61E-627D4DBB1CF3", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*", matchCriteriaId: "E594D6DC-87F6-40D2-8268-ED6021462168", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24p:-:*:*:*:*:*:*:*", matchCriteriaId: "7BEA4BC3-093F-4DE6-BED1-2C7D2FC2C8A5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24p-s:-:*:*:*:*:*:*:*", matchCriteriaId: "592377CC-4044-4FDD-A3DF-CBF25754EE4D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24t:-:*:*:*:*:*:*:*", matchCriteriaId: "D12E8275-EF6B-44F9-A7D8-A769CDB5EED5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-24t-s:-:*:*:*:*:*:*:*", matchCriteriaId: "D3E63215-246E-49F3-A537-8A90D512DAB0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-32f:-:*:*:*:*:*:*:*", matchCriteriaId: "AD1A5E69-928A-41A0-8B9B-91F307D99854", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-32f-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "2B71953D-016D-4E72-B598-55667A507681", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-32f-s:-:*:*:*:*:*:*:*", matchCriteriaId: "CABBC37B-EB93-424D-A1E7-4686039C0955", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48mp:-:*:*:*:*:*:*:*", matchCriteriaId: "24526B69-E3E3-4249-80A4-A886BED5C07E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48mp-s:-:*:*:*:*:*:*:*", matchCriteriaId: "B2209605-65B6-44B3-9700-9EC543BF2408", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48p:-:*:*:*:*:*:*:*", matchCriteriaId: "C3C348CF-65C1-4A53-8F4F-99B5A4113679", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48p-s:-:*:*:*:*:*:*:*", matchCriteriaId: "60CB5F91-DC40-4D09-BB93-4539B8581877", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t:-:*:*:*:*:*:*:*", matchCriteriaId: "ADE8EB69-95DD-44E9-80A6-F2B5E34BBD5B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-afi:-:*:*:*:*:*:*:*", matchCriteriaId: "EEEDB14F-E74A-4C48-A969-1D22D7F7C7C8", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-dc:-:*:*:*:*:*:*:*", matchCriteriaId: "CBE3866E-109E-479F-9FFE-3F6E81C0DE7C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:*:*:*:*:*:*:*", matchCriteriaId: "8A17D793-5F01-4818-956D-D6BC5A6C4CEE", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48t-s:-:*:*:*:*:*:*:*", matchCriteriaId: "EF4C3E8E-C8B4-42A5-8DB6-7E8114FCC030", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48tafi:-:*:*:*:*:*:*:*", matchCriteriaId: "77AF34EC-A154-4042-BE0B-B2BA9EEDEE93", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48tdc:-:*:*:*:*:*:*:*", matchCriteriaId: "E9FD3D9F-B49C-48EC-8AE1-FE3B399809DE", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-48tdc-afi:-:*:*:*:*:*:*:*", matchCriteriaId: "10DC1840-7409-4BD0-9522-B55B1166CF9C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-mp:-:*:*:*:*:*:*:*", matchCriteriaId: "F9EECCB3-37B3-4146-8F8C-4BBFF84499E9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "303ADB06-5CB5-44DA-8387-39FACC539EF0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "5B410BA4-181A-4241-A95E-2238CE1627A3", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4300m:-:*:*:*:*:*:*:*", matchCriteriaId: "F07B0E0B-D2F2-4CF1-A8EA-A1E8DE83BBB4", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4400:-:*:*:*:*:*:*:*", matchCriteriaId: "4B43F6CB-0595-4957-8B3B-ADD4EA84D8C2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4400-24x:-:*:*:*:*:*:*:*", matchCriteriaId: "1EEC1C95-E6B2-4364-88AD-C69EC00353FE", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4400_multigigabit:-:*:*:*:*:*:*:*", matchCriteriaId: "5D77FA1A-4B09-4184-A03E-AE4831C9BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*", matchCriteriaId: "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4500-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "9D842407-7A13-47C7-BBC9-FB0E978221CB", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*", matchCriteriaId: "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4550-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "0B84C72A-C314-46FB-8DD8-1DF29C6C4B0D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4550\\/vc:-:*:*:*:*:*:*:*", matchCriteriaId: "3612D798-7A5F-4068-A5A2-92173893450E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*", matchCriteriaId: "D1BB20B5-EA30-4E8E-9055-2E629648436A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4600-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "A3ECB975-D1A0-4318-9C5E-752A3C98F76F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*", matchCriteriaId: "2B425BB1-3C78-42B1-A6C1-216E514191F0", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex6200:-:*:*:*:*:*:*:*", matchCriteriaId: "F6CC1C89-B37F-4C5F-9F79-12997C79711D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*", matchCriteriaId: "71FF88C7-89CB-4E04-BADA-AD64F8060C6C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8200:-:*:*:*:*:*:*:*", matchCriteriaId: "4AFE829C-325D-4E66-A6A2-A81BE8BCAB72", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8200-vc:-:*:*:*:*:*:*:*", matchCriteriaId: "B74B12A6-1CE2-4293-ABA5-E3F23E15485C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*", matchCriteriaId: "72E67A5A-0DFF-42D9-81A7-570E9BCA463D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*", matchCriteriaId: "B51C5371-51E9-40AE-8619-BC1267DD1D08", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9200:-:*:*:*:*:*:*:*", matchCriteriaId: "D08A8D94-134A-41E7-8396-70D8B0735E9C", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*", matchCriteriaId: "86E82CE3-F43D-4B29-A64D-B14ADB6CC357", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*", matchCriteriaId: "13C0199E-B9F0-41D3-B625-083990517CDF", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*", matchCriteriaId: "8790B456-DFC7-4E82-9A0C-C89787139B79", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9250:-:*:*:*:*:*:*:*", matchCriteriaId: "1CCB1E61-07A1-40B0-B616-F1A6E06D11C4", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*", matchCriteriaId: "079290E9-DCC5-43F7-9480-64874DBF2696", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*", matchCriteriaId: "2EA71434-CCBF-4A55-8B30-D213A43E8641", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator.\n\nA specific invocation of the emit_debug_note method in webauth_operation.php will echo back the data it receives.\n\nThis issue affects Juniper Networks Junos OS on SRX Series and EX Series:\n * All versions earlier than 20.4R3-S10;\n * 21.2 versions earlier than 21.2R3-S8;\n * 21.4 versions earlier than 21.4R3-S6;\n * 22.1 versions earlier than 22.1R3-S5;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S2;\n * 22.4 versions earlier than 22.4R3-S1;\n * 23.2 versions earlier than 23.2R2;\n * 23.4 versions earlier than 23.4R2.\n\n\n", }, { lang: "es", value: "Una vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Cross-site Scripting') en J-Web de Juniper Networks Junos OS en las series SRX y EX permite a un atacante construir una URL que, cuando la visita otro usuario, le permite ejecutar comandos con los permisos del objetivo, incluido un administrador. Una invocación específica del método emit_debug_note en webauth_operation.php devolverá los datos que recibe. Este problema afecta a Juniper Networks Junos OS en las series SRX y EX: * Todas las versiones anteriores a 20.4R3-S10; * Versiones 21.2 anteriores a 21.2R3-S8; * Versiones 21.4 anteriores a 21.4R3-S6; * Versiones 22.1 anteriores a 22.1R3-S5; * Versiones 22.2 anteriores a 22.2R3-S3; * Versiones 22.3 anteriores a 22.3R3-S2; * Versiones 22.4 anteriores a 22.4R3-S1; * Versiones 23.2 anteriores a 23.2R2; * Versiones 23.4 anteriores a 23.4R2.", }, ], id: "CVE-2024-21620", lastModified: "2024-11-21T08:54:44.457", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "sirt@juniper.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-01-25T23:15:09.680", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA76390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA76390", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-13 00:15
Modified
2024-11-21 08:25
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks.
If the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid.
This issue affects Juniper Networks Junos OS on SRX Series and MX Series:
* 20.4 versions prior to 20.4R3-S5;
* 21.1 versions prior to 21.1R3-S4;
* 21.2 versions prior to 21.2R3-S4;
* 21.3 versions prior to 21.3R3-S3;
* 21.4 versions prior to 21.4R3-S2;
* 22.1 versions prior to 22.1R2-S2, 22.1R3;
* 22.2 versions prior to 22.2R2-S1, 22.2R3;
* 22.3 versions prior to 22.3R1-S2, 22.3R2.
This issue doesn't not affected releases prior to 20.4R1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA73164 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA73164 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "E3A96966-5060-4139-A124-D4E2C879FD6C", versionEndExcluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", matchCriteriaId: "3D361B23-A3C2-444B-BEB8-E231DA950567", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", matchCriteriaId: "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "037BA01C-3F5C-4503-A633-71765E9EF774", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", matchCriteriaId: "C54B047C-4B38-40C0-9855-067DCF7E48BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "38984199-E332-4A9C-A4C0-78083D052E15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "AA6526FB-2941-4D18-9B2E-472AD5A62A53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", matchCriteriaId: "09876787-A40A-4340-9C12-8628C325353B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "41615104-C17E-44DA-AB0D-6E2053BD4EF4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1981DE38-36B5-469D-917E-92717EE3ED53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "65948ABC-22BB-46D5-8545-0806EDB4B86E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", matchCriteriaId: "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", matchCriteriaId: "625BA7E6-D2AD-4A48-9B94-24328BE5B06A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F462F4E3-762C-429F-8D25-5521100DD37C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", matchCriteriaId: "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "689FE1AE-7A85-4FB6-AB02-E732F23581B6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "79E56DAC-75AD-4C81-9835-634B40C15DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", matchCriteriaId: "A0040FE2-7ECD-4755-96CE-E899BA298E0C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "076AB086-BB79-4583-AAF7-A5233DFB2F95", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "72E2DDF6-01DF-4880-AB60-B3DA3281E88D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*", matchCriteriaId: "54010163-0810-4CF5-95FE-7E62BC6CA4F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4A43752D-A4AF-4B4E-B95B-192E42883A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "42986538-E9D0-4C2E-B1C4-A763A4EE451B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E596ABD9-6ECD-48DC-B770-87B7E62EA345", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "71745D02-D226-44DC-91AD-678C85F5E6FC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "39E44B09-7310-428C-8144-AE9DB0484D1F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", matchCriteriaId: "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", matchCriteriaId: "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "30FF67F8-1E3C-47A8-8859-709B3614BA6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "0C7C507E-C85E-4BC6-A3B0-549516BAB524", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", matchCriteriaId: "6514CDE8-35DC-469F-89A3-078684D18F7A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4624565D-8F59-44A8-B7A8-01AD579745E7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", matchCriteriaId: "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "255B6F20-D32F-42C1-829C-AE9C7923558A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "90AE30DB-C448-4FE9-AC11-FF0F27CDA227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "09FF5818-0803-4646-A386-D7C645EE58A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "0CB280D8-C5D8-4B51-A879-496ACCDE4538", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", matchCriteriaId: "9D157211-535E-4B2D-B2FE-F697FAFDF65C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", matchCriteriaId: "3F96EBE9-2532-4E35-ABA5-CA68830476A4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "B4D936AE-FD74-4823-A824-2D9F24C25BFB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", matchCriteriaId: "E117E493-F4E1-4568-88E3-F243C74A2662", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", matchCriteriaId: "01E3E308-FD9C-4686-8C35-8472A0E99F0D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "3683A8F5-EE0E-4936-A005-DF7F6B75DED3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", matchCriteriaId: "B3124DD0-9E42-4896-9060-CB7DD07FC342", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", matchCriteriaId: "06156CD6-09D3-4A05-9C5E-BC64A70640F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8D862E6F-0D01-4B25-8340-888C30F75A2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "2F28F73E-8563-41B9-A313-BBAAD5B57A67", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "E37D4694-C80B-475E-AB5B-BB431F59C5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", matchCriteriaId: "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", matchCriteriaId: "19519212-51DD-4448-B115-8A20A40192CC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "5CC9909E-AE9F-414D-99B1-83AA04D5297B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "FDE9E767-4713-4EA2-8D00-1382975A4A15", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*", matchCriteriaId: "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx10004:-:*:*:*:*:*:*:*", matchCriteriaId: "84F7BB7E-3A52-4C23-A4D2-50E75C912AFC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*", matchCriteriaId: "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*", matchCriteriaId: "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*", matchCriteriaId: "27175D9A-CA2C-4218-8042-835E25DFCA43", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*", matchCriteriaId: "00C7FC57-8ACF-45AA-A227-7E3B350FD24F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*", matchCriteriaId: "2754C2DF-DF6E-4109-9463-38B4E0465B77", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", matchCriteriaId: "F4A26704-A6A4-4C4F-9E12-A0A0259491EF", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx304:-:*:*:*:*:*:*:*", matchCriteriaId: "3F7FB0CC-624D-4AB9-A7AC-BB19838C3B22", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", matchCriteriaId: "104858BD-D31D-40E0-8524-2EC311F10EAC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E08E1E-0FE4-4294-9497-BBFFECA2A220", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "\nAn Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks.\n\nIf the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid.\n\nThis issue affects Juniper Networks Junos OS on SRX Series and MX Series:\n\n\n\n * 20.4 versions prior to 20.4R3-S5;\n * 21.1 versions prior to 21.1R3-S4;\n * 21.2 versions prior to 21.2R3-S4;\n * 21.3 versions prior to 21.3R3-S3;\n * 21.4 versions prior to 21.4R3-S2;\n * 22.1 versions prior to 22.1R2-S2, 22.1R3;\n * 22.2 versions prior to 22.2R2-S1, 22.2R3;\n * 22.3 versions prior to 22.3R1-S2, 22.3R2.\n\n\n\n\nThis issue doesn't not affected releases prior to 20.4R1.\n\n\n\n", }, { lang: "es", value: "Una vulnerabilidad de Verificación Inadecuada de Condiciones Inusuales o Excepcionales en SIP ALG de Juniper Networks Junos OS en las series SRX y MX permite que un atacante basado en red no autenticado cause un impacto en la integridad de las redes conectadas. Si SIP ALG está configurado y un dispositivo recibe un paquete SIP específicamente mal formado, el dispositivo impide que este paquete se reenvíe, pero cualquier retransmisión recibida posteriormente del mismo paquete se reenvía como si fuera válida. Este problema afecta a Juniper Networks Junos OS en las series SRX y MX: * Versiones 20.4 anteriores a 20.4R3-S5; * Versiones 21.1 anteriores a 21.1R3-S4; * Versiones 21.2 anteriores a 21.2R3-S4; * Versiones 21.3 anteriores a 21.3R3-S3; * Versiones 21.4 anteriores a 21.4R3-S2; * Versiones 22.1 anteriores a 22.1R2-S2, 22.1R3; * Versiones 22.2 anteriores a 22.2R2-S1, 22.2R3; * Versiones 22.3 anteriores a 22.3R1-S2, 22.3R2. Este problema no afecta a las versiones anteriores a 20.4R1.", }, ], id: "CVE-2023-44198", lastModified: "2024-11-21T08:25:25.567", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "sirt@juniper.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-10-13T00:15:12.760", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA73164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA73164", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-754", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-754", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-11 17:15
Modified
2025-04-11 14:50
Severity ?
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
When an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage.
This issue affects Junos OS:
21.2 releases from 21.2R3-S5 before 21.2R3-S6.
This issue does not affect earlier or later releases.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA83000 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA83000 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 21.2 | |
| juniper | csrx | - | |
| juniper | mx240 | - | |
| juniper | mx480 | - | |
| juniper | mx960 | - | |
| juniper | srx100 | - | |
| juniper | srx110 | - | |
| juniper | srx1400 | - | |
| juniper | srx1500 | - | |
| juniper | srx1600 | - | |
| juniper | srx210 | - | |
| juniper | srx220 | - | |
| juniper | srx2300 | - | |
| juniper | srx240 | - | |
| juniper | srx240h2 | - | |
| juniper | srx240m | - | |
| juniper | srx300 | - | |
| juniper | srx320 | - | |
| juniper | srx340 | - | |
| juniper | srx3400 | - | |
| juniper | srx345 | - | |
| juniper | srx3600 | - | |
| juniper | srx380 | - | |
| juniper | srx4000 | - | |
| juniper | srx4100 | - | |
| juniper | srx4200 | - | |
| juniper | srx4300 | - | |
| juniper | srx4600 | - | |
| juniper | srx4700 | - | |
| juniper | srx5000 | - | |
| juniper | srx5400 | - | |
| juniper | srx550 | - | |
| juniper | srx550_hm | - | |
| juniper | srx550m | - | |
| juniper | srx5600 | - | |
| juniper | srx5800 | - | |
| juniper | srx650 | - | |
| juniper | vsrx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", matchCriteriaId: "2307BF56-640F-49A8-B060-6ACB0F653A61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*", matchCriteriaId: "11D4A86D-BDB4-4A01-96FE-7E023C58074B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", matchCriteriaId: "F4A26704-A6A4-4C4F-9E12-A0A0259491EF", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", matchCriteriaId: "104858BD-D31D-40E0-8524-2EC311F10EAC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E08E1E-0FE4-4294-9497-BBFFECA2A220", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*", matchCriteriaId: "8B10DFCE-5331-4D79-8D9F-EF84743493D3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage.\n\nThis issue affects Junos OS:\n\n21.2 releases from 21.2R3-S5 before 21.2R3-S6.\n\nThis issue does not affect earlier or later releases.", }, { lang: "es", value: "Una verificación inadecuada de la vulnerabilidad de condiciones inusuales o excepcionales en Packet Forwarding Engine (pfe) de Juniper Networks Junos OS en la serie SRX y la serie MX con SPC3 permite que un atacante no autenticado basado en red provoque una denegación de servicio (DoS) . Cuando un dispositivo afectado recibe tráfico TCP válido específico, el pfe falla y se reinicia, lo que provoca una interrupción momentánea pero completa del servicio. Este problema afecta a Junos OS: versiones 21.2 de 21.2R3-S5 anteriores a 21.2R3-S6. Este problema no afecta a las versiones anteriores ni posteriores.", }, ], id: "CVE-2024-39540", lastModified: "2025-04-11T14:50:12.097", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "sirt@juniper.net", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "LOW", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "sirt@juniper.net", type: "Primary", }, ], }, published: "2024-07-11T17:15:12.883", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA83000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA83000", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-754", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-754", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-12 16:15
Modified
2025-04-11 14:09
Severity ?
Summary
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device.
If a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress. So if the peer is an unaffected device transit traffic is going to fail in both directions. If the peer is an also affected device transit traffic works, but without authentication, and configuration and CLI operational commands indicate authentication is performed.
This issue affects Junos OS:
* All versions before 20.4R3-S7,
* 21.1 versions before 21.1R3,
* 21.2 versions before 21.2R2-S1, 21.2R3,
* 21.3 versions before 21.3R1-S2, 21.3R2.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "E3A96966-5060-4139-A124-D4E2C879FD6C", versionEndExcluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", matchCriteriaId: "3D361B23-A3C2-444B-BEB8-E231DA950567", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", matchCriteriaId: "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "037BA01C-3F5C-4503-A633-71765E9EF774", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", matchCriteriaId: "C54B047C-4B38-40C0-9855-067DCF7E48BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "38984199-E332-4A9C-A4C0-78083D052E15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "AA6526FB-2941-4D18-9B2E-472AD5A62A53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", matchCriteriaId: "09876787-A40A-4340-9C12-8628C325353B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "41615104-C17E-44DA-AB0D-6E2053BD4EF4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1981DE38-36B5-469D-917E-92717EE3ED53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "65948ABC-22BB-46D5-8545-0806EDB4B86E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "283E41CB-9A90-4521-96DC-F31AA592CFD8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", matchCriteriaId: "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", matchCriteriaId: "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", matchCriteriaId: "625BA7E6-D2AD-4A48-9B94-24328BE5B06A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F462F4E3-762C-429F-8D25-5521100DD37C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", matchCriteriaId: "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "689FE1AE-7A85-4FB6-AB02-E732F23581B6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "79E56DAC-75AD-4C81-9835-634B40C15DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", matchCriteriaId: "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", matchCriteriaId: "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "30FF67F8-1E3C-47A8-8859-709B3614BA6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*", matchCriteriaId: "11D4A86D-BDB4-4A01-96FE-7E023C58074B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", matchCriteriaId: "F4A26704-A6A4-4C4F-9E12-A0A0259491EF", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", matchCriteriaId: "104858BD-D31D-40E0-8524-2EC311F10EAC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E08E1E-0FE4-4294-9497-BBFFECA2A220", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*", matchCriteriaId: "8B10DFCE-5331-4D79-8D9F-EF84743493D3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device.\n\nIf a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress. So if the peer is an unaffected device transit traffic is going to fail in both directions. If the peer is an also affected device transit traffic works, but without authentication, and configuration and CLI operational commands indicate authentication is performed.\nThis issue affects Junos OS:\n\n\n\n * All versions before 20.4R3-S7,\n * 21.1 versions before 21.1R3, \n * 21.2 versions before 21.2R2-S1, 21.2R3, \n * 21.3 versions before 21.3R1-S2, 21.3R2.", }, { lang: "es", value: "Una vulnerabilidad de autenticación faltante para función crítica en el motor de reenvío de paquetes (pfe) de Juniper Networks Junos OS en la serie MX con SPC3 y la serie SRX permite que un atacante basado en red no autenticado cause un impacto limitado en la integridad o disponibilidad del dispositivo. Si un dispositivo está configurado con el algoritmo de autenticación IPsec hmac-sha-384 o hmac-sha-512, los túneles se establecen normalmente, pero para el tráfico que atraviesa el túnel no se envía información de autenticación con los datos cifrados en la salida y no se espera información de autenticación en ingreso. Entonces, si el par es un dispositivo no afectado, el tráfico de tránsito fallará en ambas direcciones. Si el par es un dispositivo también afectado, el tráfico de tránsito funciona, pero sin autenticación, y los comandos operativos de configuración y CLI indican que se realiza la autenticación. Este problema afecta a Junos OS: todas las versiones anteriores a 20.4R3-S7, versiones 21.1 anteriores a 21.1R3, versiones 21.2 anteriores a 21.2R2-S1, 21.2R3, versiones 21.3 anteriores a 21.3R1-S2, 21.3R2.", }, ], id: "CVE-2024-30391", lastModified: "2025-04-11T14:09:43.030", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "sirt@juniper.net", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "PRESENT", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "LOW", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "LOW", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "sirt@juniper.net", type: "Primary", }, ], }, published: "2024-04-12T16:15:38.773", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "http://supportportal.juniper.net/JSA79188", }, { source: "sirt@juniper.net", tags: [ "Not Applicable", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://supportportal.juniper.net/JSA79188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-03-09 23:59
Modified
2025-04-12 10:46
Severity ?
Summary
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", matchCriteriaId: "A842D7E6-54A8-44C8-A241-1CE8B7B8BDAE", versionEndExcluding: "9.9.8", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", matchCriteriaId: "D4B076C1-84ED-4924-B65A-994A23B78345", versionEndExcluding: "9.10.3", versionStartIncluding: "9.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:-:*:*:*:*:*:*", matchCriteriaId: "B41581B6-E576-4273-A2B8-CDB1AD1497B2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:p2:*:*:*:*:*:*", matchCriteriaId: "B02B1665-1283-4B0B-9AD2-827C8BEFCF3B", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:p3:*:*:*:*:*:*", matchCriteriaId: "A7CE97C3-AE65-407B-B209-9809923732AF", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:rc1:*:*:*:*:*:*", matchCriteriaId: "86C0C8FC-6004-4DFF-919C-068DEC26FA6D", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:-:*:*:*:*:*:*", matchCriteriaId: "D4C46844-7B97-4EBA-9B9D-715498B5FEEB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:beta1:*:*:*:*:*:*", matchCriteriaId: "BF170094-2C93-4630-A827-C2335D75425B", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:p1:*:*:*:*:*:*", matchCriteriaId: "88359A5D-CE32-4920-BE5D-98EC262B41EB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:p2:*:*:*:*:*:*", matchCriteriaId: "B77760E4-57C5-4A5E-A169-C84409930757", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:p3:*:*:*:*:*:*", matchCriteriaId: "24E9CBCA-241C-4EF6-8C0C-FA32E81B8B7C", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.3:rc1:*:*:*:*:*:*", matchCriteriaId: "893ACAAC-406E-4A1C-970B-A15B42961271", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*", matchCriteriaId: "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*", matchCriteriaId: "58D3B6FD-B474-4B09-B644-A8634A629280", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*", matchCriteriaId: "F892F1B0-514C-42F7-90AE-12ACDFDC1033", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*", matchCriteriaId: "FD4EEF7C-CC33-4494-8531-7C0CC28A8823", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3CBED083-B935-4C47-BBDA-F39D8EA277ED", vulnerable: true, }, { criteria: "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*", matchCriteriaId: "BD6136E8-74DE-48AF-A8AB-B0E93D34870C", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", matchCriteriaId: "4863BE36-D16A-4D75-90D9-FD76DB5B48B7", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", matchCriteriaId: "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", matchCriteriaId: "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", matchCriteriaId: "B12243B2-D726-404C-ABFF-F1AB51BA1783", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", matchCriteriaId: "2076747F-A98E-4DD9-9B52-BF1732BCAD3D", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*", matchCriteriaId: "D41A798E-0D69-43C7-9A63-1E5921138EAC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", matchCriteriaId: "5A633996-2FD7-467C-BAA6-529E16BD06D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", matchCriteriaId: "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", matchCriteriaId: "E88A537F-F4D0-46B9-9E37-965233C2A355", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:12.1x46:-:*:*:*:*:*:*", matchCriteriaId: "92F31F7F-02E0-4E63-A600-DF8AB4E3BAA3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*", matchCriteriaId: "A71742CF-50B1-44BB-AB7B-27E5DCC9CF70", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*", matchCriteriaId: "4FD4237A-C257-4D8A-ABC4-9B2160530A4E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*", matchCriteriaId: "5A449C87-C5C3-48FE-9E46-64ED5DD5F193", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*", matchCriteriaId: "F4B6215F-76BF-473F-B325-0975B0EB101E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*", matchCriteriaId: "A1C4A10C-49A3-4103-9E56-F881113BC5D7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*", matchCriteriaId: "50E7FD07-A309-48EC-A520-C7F0FA35865C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*", matchCriteriaId: "F868948A-04D7-473B-971F-721302653633", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*", matchCriteriaId: "830A9EBA-88F1-4277-B98F-75AC52A60824", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:*", matchCriteriaId: "BFA2ADAB-E486-4DBB-8B84-CC095D102278", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:*", matchCriteriaId: "9ACD0C03-ACD9-4D47-B3EE-1D8753FF5A83", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:*", matchCriteriaId: "0DD32D8A-7531-4691-B45D-9EACC69A23D6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:*", matchCriteriaId: "76DFA52F-5B2E-47DA-9A8E-7D17A7413929", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d66:*:*:*:*:*:*", matchCriteriaId: "4D363E73-ABC4-4E9F-9E7B-86087D3A3F9B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d67:*:*:*:*:*:*", matchCriteriaId: "A7502F95-BADC-432A-B7BE-8E9931FA1448", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d70:*:*:*:*:*:*", matchCriteriaId: "9451CD3F-BF4E-4BBC-AD00-660BE2B313C9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d71:*:*:*:*:*:*", matchCriteriaId: "C63E8B17-250D-4D74-9A1F-2F3577D9A071", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d72:*:*:*:*:*:*", matchCriteriaId: "801AB7D7-3407-4F8B-83C4-CC16076DB0E6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d73:*:*:*:*:*:*", matchCriteriaId: "FA4104D4-3FA2-4936-ACBD-06B0BD0B9E4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d76:*:*:*:*:*:*", matchCriteriaId: "090BB276-C169-4A41-B03D-0EC40D20E8BF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46:d77:*:*:*:*:*:*", matchCriteriaId: "51732A2B-52E2-4356-8409-5CB6D79F23DE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46-d10:*:*:*:*:*:*:*", matchCriteriaId: "A6390879-1AB9-4B11-A8A8-6B914F52EB83", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.1x46-d76:-:*:*:*:*:*:*", matchCriteriaId: "D6A2BAF7-8D71-474C-9F72-FF5DABC69749", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*", matchCriteriaId: "AC1FED64-8725-4978-9EBF-E3CD8EF338E4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*", matchCriteriaId: "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*", matchCriteriaId: "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*", matchCriteriaId: "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*", matchCriteriaId: "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*", matchCriteriaId: "3C82799B-BD25-4359-9E3D-4D7CA7367525", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*", matchCriteriaId: "094485FF-960C-4533-A2AF-6C4D420D260D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*", matchCriteriaId: "F8BE3661-1DE5-4F57-9384-68C1B34F6812", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*", matchCriteriaId: "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*", matchCriteriaId: "C6C694C6-C58C-4513-91E8-6CC22A2386E3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*", matchCriteriaId: "64A0CCD4-91BA-440E-A14C-48E67D1F03A1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*", matchCriteriaId: "6B65EF51-ED97-4973-94C4-8F66C553F190", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*", matchCriteriaId: "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*", matchCriteriaId: "44C61900-680C-4C74-8B96-ACC93FE9465E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d66:*:*:*:*:*:*", matchCriteriaId: "6A793CCD-397E-45DA-9349-D01C69AB96D9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*", matchCriteriaId: "B6C38637-ABE0-419A-A053-CBE076766551", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*", matchCriteriaId: "1F87EF0D-E609-4D4A-B228-CEF05C753E68", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", matchCriteriaId: "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*", matchCriteriaId: "856A5668-FA4F-44E9-A3F0-BE4979F631E2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*", matchCriteriaId: "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*", matchCriteriaId: "FA2459ED-DFA5-4701-AF92-C2928C3BD64D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*", matchCriteriaId: "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d131:*:*:*:*:*:*", matchCriteriaId: "40D42ACF-860C-4B47-8E25-7DEC30FB8064", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*", matchCriteriaId: "C808E08F-1992-43DD-A106-E920DC784831", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*", matchCriteriaId: "C8C94365-988C-4A14-8E49-846152FDC666", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*", matchCriteriaId: "E288F54B-AEA3-412F-85A4-EBDFE74DB84F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*", matchCriteriaId: "02AAC05C-1C4B-4F35-A286-52D20DFD6212", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*", matchCriteriaId: "080422D3-B508-4049-B558-4B04BF2E8AB4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d180:*:*:*:*:*:*", matchCriteriaId: "2FAFD8F8-CBD2-45CA-BD3C-875C8FA1D778", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", matchCriteriaId: "18468579-0195-4DDE-BAA5-4BE4068F3A69", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d25:*:*:*:*:*:*", matchCriteriaId: "6825F6BA-B48F-4E02-938F-6B297E21BA07", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", matchCriteriaId: "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", matchCriteriaId: "870244F3-1C05-4F10-A205-5189BB860F46", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", matchCriteriaId: "235EE40B-AA15-4F39-8087-A051F4F70995", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", matchCriteriaId: "17330544-3AFC-463E-A146-2840A8AE17D2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", matchCriteriaId: "8ABA301F-7866-42A5-8391-E07BEAFF06FA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", matchCriteriaId: "884E4A85-ED42-4391-9FDD-9052F957743A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", matchCriteriaId: "1901864B-688B-4352-A587-4B96B4E49FB1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", matchCriteriaId: "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*", matchCriteriaId: "1B6670FB-9F5A-469B-97F2-074C28572065", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*", matchCriteriaId: "71198992-83AA-4E28-BA7D-A3C1897B5E2B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*", matchCriteriaId: "4323D874-C317-4D76-8E2D-C82376D84CBE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*", matchCriteriaId: "F56067DA-EBA9-481A-B60B-52148584EFBD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*", matchCriteriaId: "A283D32F-1CAF-4A5A-83E1-585F2801771F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*", matchCriteriaId: "38A40E03-F915-4888-87B0-5950F75F097D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "C52E355B-DA7D-4FDE-B2D7-A3C3C9C99918", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r1-s4:*:*:*:*:*:*", matchCriteriaId: "267A3603-BC18-442E-803A-4CAEB6493433", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*", matchCriteriaId: "69FC46D4-39E2-4E2F-A1D3-1001769A7115", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "32F83E8B-A816-4F26-95F8-F0DA7F3DF426", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2C433359-BC8B-4E69-BE74-A31EB148083A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*", matchCriteriaId: "BCA2976C-C84B-40D9-A806-588629BFFB13", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s4:*:*:*:*:*:*", matchCriteriaId: "A2C7B980-033E-40AC-98C9-B252733B0F43", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r2-s5:*:*:*:*:*:*", matchCriteriaId: "BA8D32E4-1892-46DC-9782-5466A14E18D9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*", matchCriteriaId: "25C7C3D0-A203-4979-8375-A610ADD48E9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3:-:*:*:*:*:*", matchCriteriaId: "D1CAEBD2-2E46-44B5-B1D1-1DDBD450FD27", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "565AE6D8-28A9-4A62-A886-5BAB954695D8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "0C366F93-BB30-4144-99AE-40B676977834", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*", matchCriteriaId: "488BB10A-1360-42E5-A68D-23D51B332850", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*", matchCriteriaId: "64988F0A-E02C-455B-99C9-4059C896416F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s5:*:*:*:*:*:*", matchCriteriaId: "DC2ACA85-FA89-40F0-A2AD-778E1CB02A91", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.3:r3-s6:*:*:*:*:*:*", matchCriteriaId: "9F431D3D-5D55-45A9-98E8-00CB1D4C0196", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*", matchCriteriaId: "A00CA6FB-8F28-4171-B510-8DBA351E80C0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", matchCriteriaId: "988D317A-0646-491F-9B97-853E8E208276", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "605F1AD7-5B09-44F0-9017-15AB3EEE559C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s3:*:*:*:*:*:*", matchCriteriaId: "DF3F9F86-166F-45E4-92B7-3DD3B06199F3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*", matchCriteriaId: "4E4EB6B0-8DB2-4199-96E4-30195D49F756", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s5:*:*:*:*:*:*", matchCriteriaId: "204FC7B5-9CF2-4AC2-9B8D-DA48CAEA6496", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*", matchCriteriaId: "9D8A8E33-473A-4A40-A7B7-47086BB9012A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*", matchCriteriaId: "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*", matchCriteriaId: "0E0CE79A-157D-47DE-BE65-936BC12470EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "05060C06-18C1-40E8-AE01-385B036CC9AA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s10:*:*:*:*:*:*", matchCriteriaId: "341417EE-71C2-465C-96CA-65B2B5B63FF0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s11:*:*:*:*:*:*", matchCriteriaId: "A701A73D-A795-47DD-8EB5-55D1CDF67A49", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s12:*:*:*:*:*:*", matchCriteriaId: "CC1EE8D6-8963-49D8-84C7-C9406B04D9EC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s13:*:*:*:*:*:*", matchCriteriaId: "03BCD35E-29D3-4F8C-ABE9-32C7010FD796", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "0C752783-4843-407B-AF33-0E1D36FCAAF8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s3:*:*:*:*:*:*", matchCriteriaId: "006EE425-A146-4E10-B050-7E754BB8402A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*", matchCriteriaId: "2B482BCC-1F0C-47AA-B63B-1B39CEF7B2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s5:*:*:*:*:*:*", matchCriteriaId: "A636F9F2-2DA7-4A27-AD80-FD1B34DFCA94", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s6:*:*:*:*:*:*", matchCriteriaId: "4EC7D216-D8F3-4ABD-97C9-4C9FB6DF64FF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s7:*:*:*:*:*:*", matchCriteriaId: "5E327643-D8D8-4EFA-9F38-BA862A919501", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s8:*:*:*:*:*:*", matchCriteriaId: "1BC6CE1C-9DD8-429E-BDC2-251D8C8674E3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:17.4:r2-s9:*:*:*:*:*:*", matchCriteriaId: "63B00B4F-3E65-4CB2-807D-43908B570AE6", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*", matchCriteriaId: "0DFDD907-5305-4602-8A9C-685AA112C342", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", matchCriteriaId: "B0A756E2-C320-405A-B24F-7C5022649E5A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", matchCriteriaId: "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "18A4CA3E-DA61-49CC-8476-3A476CCB2B83", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*", matchCriteriaId: "A7380B3E-09F5-4497-86C6-11EF56BD89F1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*", matchCriteriaId: "658841A9-BEC9-433E-81D0-47DE82887C4F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5AD05209-1274-4F8A-9FA2-A1A8DFCC5755", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s13:*:*:*:*:*:*", matchCriteriaId: "F144834D-7FC0-4B60-AFCB-AD86BA121719", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "C97683B3-A07B-428F-9535-C49B55305679", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*", matchCriteriaId: "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*", matchCriteriaId: "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s5:*:*:*:*:*:*", matchCriteriaId: "678F57D1-2595-4AF3-BB87-AF2E1FE3CBB9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*", matchCriteriaId: "7988CE92-71D2-4EEC-B596-4A60E2C1136A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*", matchCriteriaId: "330D176F-8DAD-440C-A623-44FA233FAB01", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.1:r3-s8:*:*:*:*:*:*", matchCriteriaId: "8CC5EAB8-1364-4325-9F01-BE7CC479C29D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*", matchCriteriaId: "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*", matchCriteriaId: "167EEC4F-729E-47C2-B0F8-E8108CE3E985", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "0070B31B-59DC-46E9-93E0-1E8BF3560BFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*", matchCriteriaId: "A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*", matchCriteriaId: "42203801-E2E7-4DCF-ABBB-D23A91B2A9FF", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*", matchCriteriaId: "238EC996-8E8C-4332-916F-09E54E6EBB9D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2:*:*:*:*:*:*", matchCriteriaId: "5F711936-33A1-47FC-A6A0-A63088915815", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "21B7820C-01D2-401C-9E6D-C83994FD5961", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "3D2FBD29-2CAC-41B4-9336-671373EF4A7C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*", matchCriteriaId: "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*", matchCriteriaId: "74B99981-840F-4DAD-976A-5DAEFE9FB93D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s5:*:*:*:*:*:*", matchCriteriaId: "BDD3ADB9-35FF-41D3-92BD-98D6D4826B03", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s6:*:*:*:*:*:*", matchCriteriaId: "341F2459-8335-40E9-A2B3-BE804D319F95", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s7:*:*:*:*:*:*", matchCriteriaId: "0CD17956-8E8C-489D-927A-5709C05EA705", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.2:r2-s8:*:*:*:*:*:*", matchCriteriaId: "27D9AEBC-2CA3-4E17-9543-D60B10BA2AE1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*", matchCriteriaId: "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*", matchCriteriaId: "5342C3DC-D640-47AB-BD76-3444852988A2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "A2ABC574-B3FC-4025-B50D-7F9EEB28C806", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*", matchCriteriaId: "6F6EAFC3-C3AC-4361-8530-39FCF89702F7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s4:*:*:*:*:*:*", matchCriteriaId: "92FB1BF6-8852-45D8-817C-36CDBE730801", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*", matchCriteriaId: "6B363298-315C-4FD5-9417-C5B82883A224", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*", matchCriteriaId: "EB08FF7B-01F5-4A19-858E-E2CD19D61A62", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*", matchCriteriaId: "74CA9010-D3DE-487B-B46F-589A48AB0F0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*", matchCriteriaId: "A38F224C-8E9B-44F3-9D4F-6C9F04F57927", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "853F146A-9A0F-49B6-AFD2-9907434212F1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "8F73B88B-E66C-4ACD-B38D-9365FB230ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*", matchCriteriaId: "EE1F82EC-3222-4158-8923-59CDA1909A9C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*", matchCriteriaId: "8FE95D15-B5E5-4E74-9464-C72D8B646A6B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*", matchCriteriaId: "C012CD07-706A-4E1C-B399-C55AEF5C8309", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:juniper:vsrx:-:*:*:*:*:*:*:*", matchCriteriaId: "36F68E75-E6C6-4DB4-AE0E-C5637ECE7C88", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.", }, { lang: "es", value: "named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 no maneja adecuadamente los archivos DNAME cuando analiza gramaticalmente la recuperación de mensajes contestados, lo que permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un paquete mal formado en la interfaz rndc (también conocido como canal de control), relacionado con alist.c y sexpr.c.", }, ], id: "CVE-2016-1285", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-03-09T23:59:02.133", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035236", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01352", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Release Notes", ], url: "https://kb.isc.org/article/AA-01380", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://kb.isc.org/article/AA-01438", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201610-07", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1035236", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/article/AA-01352", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Release Notes", ], url: "https://kb.isc.org/article/AA-01380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kb.isc.org/article/AA-01438", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201610-07", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-12 15:15
Modified
2025-04-10 20:44
Severity ?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS).
If specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific message sequence. This will eventually result in an iked process crash and restart.
The iked process memory consumption can be checked using the below command:
user@host> show system processes extensive | grep iked
PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
56903 root 31 0 4016M 2543M CPU0 0 2:10 10.50% iked
This issue affects Juniper Networks Junos OS:
* All versions earlier than 20.4R3-S9;
* 21.2 versions earlier than 21.2R3-S7;
* 21.3 versions earlier than 21.3R3-S5;
* 21.4 versions earlier than 21.4R3-S4;
* 22.1 versions earlier than 22.1R3-S3;
* 22.2 versions earlier than 22.2R3-S2;
* 22.3 versions earlier than 22.3R3;
* 22.4 versions earlier than 22.4R3;
* 23.2 versions earlier than 23.2R1-S2, 23.2R2.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "E3A96966-5060-4139-A124-D4E2C879FD6C", versionEndExcluding: "20.4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", matchCriteriaId: "3D361B23-A3C2-444B-BEB8-E231DA950567", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", matchCriteriaId: "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "037BA01C-3F5C-4503-A633-71765E9EF774", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", matchCriteriaId: "C54B047C-4B38-40C0-9855-067DCF7E48BD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "38984199-E332-4A9C-A4C0-78083D052E15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "AA6526FB-2941-4D18-9B2E-472AD5A62A53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", matchCriteriaId: "09876787-A40A-4340-9C12-8628C325353B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "41615104-C17E-44DA-AB0D-6E2053BD4EF4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "1981DE38-36B5-469D-917E-92717EE3ED53", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "65948ABC-22BB-46D5-8545-0806EDB4B86E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "283E41CB-9A90-4521-96DC-F31AA592CFD8", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", matchCriteriaId: "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s7:*:*:*:*:*:*", matchCriteriaId: "977DEF80-0DB5-4828-97AC-09BB3111D585", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:20.4:r3-s8:*:*:*:*:*:*", matchCriteriaId: "C445622E-8E57-4990-A71A-E1993BFCB91A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", matchCriteriaId: "216E7DDE-453D-481F-92E2-9F8466CDDA3F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", matchCriteriaId: "A52AF794-B36B-43A6-82E9-628658624B0A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "3998DC76-F72F-4452-9150-652140B113EB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "36ED4552-2420-45F9-B6E4-6DA2B2B12870", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", matchCriteriaId: "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4A43752D-A4AF-4B4E-B95B-192E42883A5B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "42986538-E9D0-4C2E-B1C4-A763A4EE451B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", matchCriteriaId: "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "E596ABD9-6ECD-48DC-B770-87B7E62EA345", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "71745D02-D226-44DC-91AD-678C85F5E6FC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", matchCriteriaId: "39E44B09-7310-428C-8144-AE9DB0484D1F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", matchCriteriaId: "53938295-8999-4316-9DED-88E24D037852", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", matchCriteriaId: "2307BF56-640F-49A8-B060-6ACB0F653A61", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*", matchCriteriaId: "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", matchCriteriaId: "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", matchCriteriaId: "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "30FF67F8-1E3C-47A8-8859-709B3614BA6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "0C7C507E-C85E-4BC6-A3B0-549516BAB524", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", matchCriteriaId: "6514CDE8-35DC-469F-89A3-078684D18F7A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "4624565D-8F59-44A8-B7A8-01AD579745E7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", matchCriteriaId: "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "255B6F20-D32F-42C1-829C-AE9C7923558A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "90AE30DB-C448-4FE9-AC11-FF0F27CDA227", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s3:*:*:*:*:*:*", matchCriteriaId: "93F324AE-65D3-4CFC-AEAB-898CE1BD05CD", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.3:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3CCBB2F4-F05B-4CC5-9B1B-ECCB798D0483", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "09FF5818-0803-4646-A386-D7C645EE58A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "0CB280D8-C5D8-4B51-A879-496ACCDE4538", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "0A5B196A-2AF1-4AE5-9148-A75A572807BC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", matchCriteriaId: "9D157211-535E-4B2D-B2FE-F697FAFDF65C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", matchCriteriaId: "3F96EBE9-2532-4E35-ABA5-CA68830476A4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", matchCriteriaId: "B4D936AE-FD74-4823-A824-2D9F24C25BFB", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", matchCriteriaId: "E117E493-F4E1-4568-88E3-F243C74A2662", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", matchCriteriaId: "01E3E308-FD9C-4686-8C35-8472A0E99F0D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", matchCriteriaId: "3683A8F5-EE0E-4936-A005-DF7F6B75DED3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", matchCriteriaId: "1B615DBA-8C53-41D4-B264-D3EED8578471", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", matchCriteriaId: "B3124DD0-9E42-4896-9060-CB7DD07FC342", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s1:*:*:*:*:*:*", matchCriteriaId: "44F6FD6C-03AF-4D2C-B411-A753DE12A2DA", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.1:r3-s2:*:*:*:*:*:*", matchCriteriaId: "D49FFB60-BA71-4902-9404-E67162919ADC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", matchCriteriaId: "06156CD6-09D3-4A05-9C5E-BC64A70640F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8D862E6F-0D01-4B25-8340-888C30F75A2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "2F28F73E-8563-41B9-A313-BBAAD5B57A67", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "E37D4694-C80B-475E-AB5B-BB431F59C5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", matchCriteriaId: "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "786F993E-32CB-492A-A7CC-A7E4F48EA8B9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", matchCriteriaId: "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", matchCriteriaId: "19519212-51DD-4448-B115-8A20A40192CC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "5CC9909E-AE9F-414D-99B1-83AA04D5297B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "FDE9E767-4713-4EA2-8D00-1382975A4A15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", matchCriteriaId: "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "574730B0-56C8-4A03-867B-1737148ED9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "20EBC676-1B26-4A71-8326-0F892124290A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", matchCriteriaId: "1379EF30-AF04-4F98-8328-52A631F24737", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", matchCriteriaId: "28E42A41-7965-456B-B0AF-9D3229CE4D4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "CB1A77D6-D3AD-481B-979C-8F778530B175", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", matchCriteriaId: "40813417-A938-4F74-A419-8C5188A35486", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "EBB967BF-3495-476D-839A-9DBFCBE69F91", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", matchCriteriaId: "1A78CC80-E8B1-4CDA-BB35-A61833657FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", matchCriteriaId: "4B3B2FE1-C228-46BE-AC76-70C2687050AE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F1B16FF0-900F-4AEE-B670-A537139F6909", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*", matchCriteriaId: "11D4A86D-BDB4-4A01-96FE-7E023C58074B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", matchCriteriaId: "F4A26704-A6A4-4C4F-9E12-A0A0259491EF", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", matchCriteriaId: "104858BD-D31D-40E0-8524-2EC311F10EAC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", matchCriteriaId: "B5E08E1E-0FE4-4294-9497-BBFFECA2A220", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*", matchCriteriaId: "8B10DFCE-5331-4D79-8D9F-EF84743493D3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS).\n\nIf specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific message sequence. This will eventually result in an iked process crash and restart.\n\nThe iked process memory consumption can be checked using the below command:\n user@host> show system processes extensive | grep iked\n PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND\n 56903 root 31 0 4016M 2543M CPU0 0 2:10 10.50% iked\n\nThis issue affects Juniper Networks Junos OS:\n * All versions earlier than 20.4R3-S9;\n * 21.2 versions earlier than 21.2R3-S7;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S4;\n * 22.1 versions earlier than 22.1R3-S3;\n * 22.2 versions earlier than 22.2R3-S2;\n * 22.3 versions earlier than 22.3R3;\n * 22.4 versions earlier than 22.4R3;\n * 23.2 versions earlier than 23.2R1-S2, 23.2R2.", }, { lang: "es", value: "Una vulnerabilidad de liberación de memoria faltante después de la vida útil efectiva en el daemon IKE (iked) de Juniper Networks Junos OS en la serie MX con SPC3 y la serie SRX permite que un atacante administrativamente adyacente que pueda establecer con éxito túneles IPsec provoque una denegación de servicio ( DoS). Si el par envía valores específicos para los parámetros IPsec local-ip, remoto-ip, remoto ike-id y selectores de tráfico, se produce una pérdida de memoria durante cada nueva clave de IPsec SA que se lleva a cabo con una secuencia de mensajes específica. Esto eventualmente resultará en un bloqueo y reinicio del proceso iked. El consumo de memoria del proceso iked se puede verificar usando el siguiente comando: usuario@host> mostrar procesos del sistema extensos | grep iked PID NOMBRE DE USUARIO PRI NICE TAMAÑO RES ESTADO C HORA WCPU COMANDO 56903 root 31 0 4016M 2543M CPU0 0 2:10 10,50% iked Este problema afecta a Juniper Networks Junos OS: * Todas las versiones anteriores a 20.4R3-S9; * Versiones 21.2 anteriores a 21.2R3-S7; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3-S4; * Versiones 22.1 anteriores a 22.1R3-S3; * Versiones 22.2 anteriores a 22.2R3-S2; * Versiones 22.3 anteriores a 22.3R3; * Versiones 22.4 anteriores a 22.4R3; * Versiones 23.2 anteriores a 23.2R1-S2, 23.2R2.", }, ], id: "CVE-2024-21609", lastModified: "2025-04-10T20:44:13.873", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "sirt@juniper.net", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "ADJACENT", availabilityRequirement: "NOT_DEFINED", baseScore: 7.1, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "LOW", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "sirt@juniper.net", type: "Primary", }, ], }, published: "2024-04-12T15:15:23.770", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "http://supportportal.juniper.net/JSA75750", }, { source: "sirt@juniper.net", tags: [ "Not Applicable", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://supportportal.juniper.net/JSA75750", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-11 16:15
Modified
2024-11-21 09:27
Severity ?
Summary
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service.
This issue affects Junos OS:
* All versions before 21.4R3-S6,
* 22.2 versions before 22.2R3-S3,
* 22.3 versions before 22.3R3-S3,
* 22.4 versions before 22.4R3,
* 23.2 versions before 23.2R2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA82988 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://supportportal.juniper.net/JSA82988 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", matchCriteriaId: "AA5E63CF-31E5-4391-896F-148F05DA6BFE", versionEndExcluding: "21.4", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", matchCriteriaId: "79ED3CE8-CC57-43AB-9A26-BBC87816062D", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", matchCriteriaId: "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "9962B01C-C57C-4359-9532-676AB81CE8B0", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "62178549-B679-4902-BFDB-2993803B7FCE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", matchCriteriaId: "9AD697DF-9738-4276-94ED-7B9380CD09F5", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "09FF5818-0803-4646-A386-D7C645EE58A3", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", matchCriteriaId: "0CB280D8-C5D8-4B51-A879-496ACCDE4538", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", matchCriteriaId: "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", matchCriteriaId: "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", matchCriteriaId: "0A5B196A-2AF1-4AE5-9148-A75A572807BC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", matchCriteriaId: "3B457616-2D91-4913-9A7D-038BBF8F1F66", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*", matchCriteriaId: "C470FB4E-A927-4AF3-ACB0-AD1E264218B7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", matchCriteriaId: "06156CD6-09D3-4A05-9C5E-BC64A70640F9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", matchCriteriaId: "E949B21B-AD62-4022-9088-06313277479E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "8D862E6F-0D01-4B25-8340-888C30F75A2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "2F28F73E-8563-41B9-A313-BBAAD5B57A67", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", matchCriteriaId: "E37D4694-C80B-475E-AB5B-BB431F59C5E1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", matchCriteriaId: "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", matchCriteriaId: "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", matchCriteriaId: "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", matchCriteriaId: "786F993E-32CB-492A-A7CC-A7E4F48EA8B9", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*", matchCriteriaId: "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", matchCriteriaId: "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", matchCriteriaId: "19519212-51DD-4448-B115-8A20A40192CC", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", matchCriteriaId: "5CC9909E-AE9F-414D-99B1-83AA04D5297B", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", matchCriteriaId: "FDE9E767-4713-4EA2-8D00-1382975A4A15", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", matchCriteriaId: "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", matchCriteriaId: "574730B0-56C8-4A03-867B-1737148ED9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*", matchCriteriaId: "20EBC676-1B26-4A71-8326-0F892124290A", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*", matchCriteriaId: "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*", matchCriteriaId: "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.3:r3-s2:*:*:*:*:*:*", matchCriteriaId: "19326769-2F08-4E61-8246-CCE7AE4483F7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", matchCriteriaId: "1379EF30-AF04-4F98-8328-52A631F24737", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", matchCriteriaId: "28E42A41-7965-456B-B0AF-9D3229CE4D4C", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", matchCriteriaId: "CB1A77D6-D3AD-481B-979C-8F778530B175", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", matchCriteriaId: "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", matchCriteriaId: "40813417-A938-4F74-A419-8C5188A35486", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", matchCriteriaId: "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", matchCriteriaId: "EBB967BF-3495-476D-839A-9DBFCBE69F91", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", matchCriteriaId: "1A78CC80-E8B1-4CDA-BB35-A61833657FA7", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", matchCriteriaId: "4B3B2FE1-C228-46BE-AC76-70C2687050AE", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", matchCriteriaId: "F1B16FF0-900F-4AEE-B670-A537139F6909", vulnerable: true, }, { criteria: "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*", matchCriteriaId: "B227E831-30FF-4BE1-B8B2-31829A5610A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", matchCriteriaId: "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", matchCriteriaId: "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", matchCriteriaId: "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", matchCriteriaId: "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", matchCriteriaId: "4AE06B18-BFB5-4029-A05D-386CFBFBF683", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", matchCriteriaId: "CD647C15-A686-4C8F-A766-BC29404C0FED", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", matchCriteriaId: "45AB1622-1AED-4CD7-98F1-67779CDFC321", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", matchCriteriaId: "48A1DCCD-208C-46D9-8E14-89592B49AB9A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", matchCriteriaId: "89276D88-3B8D-4168-A2CD-0920297485F2", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", matchCriteriaId: "E020556B-693F-4963-BA43-3164AB50FA49", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*", matchCriteriaId: "AB0D31FF-0812-42B8-B25E-03C35EC1B021", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", matchCriteriaId: "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", matchCriteriaId: "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", matchCriteriaId: "8B82D4C4-7A65-409A-926F-33C054DCBFBA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", matchCriteriaId: "746C3882-2A5B-4215-B259-EB1FD60C513D", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", matchCriteriaId: "CE535749-F4CE-4FFA-B23D-BF09C92481E5", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", matchCriteriaId: "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", matchCriteriaId: "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", matchCriteriaId: "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", matchCriteriaId: "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F6F5-4347-49D3-909A-27A3A96D36C9", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", matchCriteriaId: "826F893F-7B06-43B5-8653-A8D9794C052E", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", matchCriteriaId: "56BA6B86-D3F4-4496-AE46-AC513C6560FA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", matchCriteriaId: "462CFD52-D3E2-4F7A-98AC-C589D2420556", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", matchCriteriaId: "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", matchCriteriaId: "2FDDC897-747F-44DD-9599-7266F9B5B7B1", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", matchCriteriaId: "62FC145A-D477-4C86-89E7-F70F52773801", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", matchCriteriaId: "06685D0E-A075-49A5-9EF4-34F0F795C8C6", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", matchCriteriaId: "52F0B735-8C49-4B08-950A-296C9CDE43CA", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", matchCriteriaId: "68CA098D-CBE4-4E62-9EC0-43E1B6098710", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", matchCriteriaId: "66F474D4-79B6-4525-983C-9A9011BD958B", vulnerable: false, }, { criteria: "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", matchCriteriaId: "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\n\n\nIf DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service.\n\nThis issue affects Junos OS: \n * All versions before 21.4R3-S6,\n * 22.2 versions before 22.2R3-S3,\n * 22.3 versions before 22.3R3-S3,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R2.", }, { lang: "es", value: "Una vulnerabilidad de uso de cadena de formato controlada externamente en Packet Forwarding Engine (PFE) de Juniper Networks Junos OS en la serie SRX permite que un atacante no autenticado basado en la red provoque una denegación de servicio (DoS). Si se configuran la detección del algoritmo de generación de dominio DNS (DGA) o la detección de túneles y las opciones de rastreo de filtrado de DNS, y se recibe tráfico DNS de tránsito válido específico, esto provoca un bloqueo y reinicio del PFE, lo que lleva a una denegación de servicio. Este problema afecta a Junos OS: * Todas las versiones anteriores a 21.4R3-S6, * Versiones 22.2 anteriores a 22.2R3-S3, * Versiones 22.3 anteriores a 22.3R3-S3, * Versiones 22.4 anteriores a 22.4R3, * Versiones 23.2 anteriores a 23.2R2.", }, ], id: "CVE-2024-39529", lastModified: "2024-11-21T09:27:56.317", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "sirt@juniper.net", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "LOW", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "sirt@juniper.net", type: "Primary", }, ], }, published: "2024-07-11T16:15:04.343", references: [ { source: "sirt@juniper.net", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA82988", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportportal.juniper.net/JSA82988", }, ], sourceIdentifier: "sirt@juniper.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-134", }, ], source: "sirt@juniper.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-134", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2024-21606
Vulnerability from cvelistv5
Published
2024-01-12 00:54
Modified
2024-08-01 22:27
Severity ?
EPSS score ?
Summary
A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.
This issue affects Juniper Networks Junos OS on SRX Series:
* All versions earlier than 20.4R3-S8;
* 21.2 versions earlier than 21.2R3-S6;
* 21.3 versions earlier than 21.3R3-S5;
* 21.4 versions earlier than 21.4R3-S5;
* 22.1 versions earlier than 22.1R3-S3;
* 22.2 versions earlier than 22.2R3-S3;
* 22.3 versions earlier than 22.3R3-S1;
* 22.4 versions earlier than 22.4R2-S2, 22.4R3.
References
| ▼ | URL | Tags |
|---|---|---|
| https://supportportal.juniper.net/JSA75747 | vendor-advisory | |
| https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H | technical-description |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 0 ≤ Version: 21.2 ≤ Version: 21.3 ≤ Version: 21.4 ≤ Version: 22.1 ≤ Version: 22.2 ≤ Version: 22.3 ≤ Version: 22.4 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T22:27:35.875Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://supportportal.juniper.net/JSA75747", }, { tags: [ "technical-description", "x_transferred", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "SRX Series", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "20.4R3-S8", status: "affected", version: "0", versionType: "semver", }, { lessThan: "21.2R3-S6", status: "affected", version: "21.2", versionType: "semver", }, { lessThan: "21.3R3-S5", status: "affected", version: "21.3", versionType: "semver", }, { lessThan: "21.4R3-S5", status: "affected", version: "21.4", versionType: "semver", }, { lessThan: "22.1R3-S3", status: "affected", version: "22.1", versionType: "semver", }, { lessThan: "22.2R3-S3", status: "affected", version: "22.2", versionType: "semver", }, { lessThan: "22.3R3-S1", status: "affected", version: "22.3", versionType: "semver", }, { lessThan: "22.4R2-S2, 22.4R3", status: "affected", version: "22.4", versionType: "semver", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>To be exposed to this issue the following configuration needs to be present:</p><code> [security ike gateway <gateway-name> tcp-encap-profile <profile-name> ]</code><br/>", }, ], value: "To be exposed to this issue the following configuration needs to be present:\n\n [security ike gateway <gateway-name> tcp-encap-profile <profile-name> ]\n", }, ], datePublic: "2024-01-10T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<p>A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).</p><p>In a remote access VPN scenario, if a \"tcp-encap-profile\" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.</p><p>This issue affects Juniper Networks Junos OS on SRX Series:</p><p></p><ul><li>All versions earlier than 20.4R3-S8;</li><li>21.2 versions earlier than 21.2R3-S6;</li><li>21.3 versions earlier than 21.3R3-S5;</li><li>21.4 versions earlier than 21.4R3-S5;</li><li>22.1 versions earlier than 22.1R3-S3;</li><li>22.2 versions earlier than 22.2R3-S3;</li><li>22.3 versions earlier than 22.3R3-S1;</li><li>22.4 versions earlier than 22.4R2-S2, 22.4R3.</li></ul><p></p>\n\n", }, ], value: "\nA Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).\n\nIn a remote access VPN scenario, if a \"tcp-encap-profile\" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions earlier than 20.4R3-S8;\n * 21.2 versions earlier than 21.2R3-S6;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S5;\n * 22.1 versions earlier than 22.1R3-S3;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S1;\n * 22.4 versions earlier than 22.4R2-S2, 22.4R3.\n\n\n\n\n\n\n", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-415", description: "CWE-415 Double Free", lang: "en", type: "CWE", }, ], }, { descriptions: [ { description: "Denial of Service (DoS)", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-12T00:54:51.832Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "https://supportportal.juniper.net/JSA75747", }, { tags: [ "technical-description", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S3, 22.3R3-S1, 22.4R2-S2, 22.4R3, 23.2R1, and all subsequent releases.</p>", }, ], value: "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S3, 22.3R3-S1, 22.4R2-S2, 22.4R3, 23.2R1, and all subsequent releases.\n\n", }, ], source: { advisory: "JSA75747", defect: [ "1721936", ], discovery: "USER", }, timeline: [ { lang: "en", time: "2024-01-10T17:00:00.000Z", value: "Initial Publication", }, ], title: "Junos OS: SRX Series: When \"tcp-encap\" is configured and specific packets are received flowd will crash", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>There are no known workarounds for this issue.</p>", }, ], value: "There are no known workarounds for this issue.\n\n", }, ], x_generator: { engine: "Vulnogram 0.1.0-av217", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2024-21606", datePublished: "2024-01-12T00:54:51.832Z", dateReserved: "2023-12-27T19:38:25.707Z", dateUpdated: "2024-08-01T22:27:35.875Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21620
Vulnerability from cvelistv5
Published
2024-01-25 22:50
Modified
2024-08-01 22:27
Severity ?
EPSS score ?
Summary
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator.
A specific invocation of the emit_debug_note method in webauth_operation.php will echo back the data it receives.
This issue affects Juniper Networks Junos OS on SRX Series and EX Series:
* All versions earlier than 20.4R3-S10;
* 21.2 versions earlier than 21.2R3-S8;
* 21.4 versions earlier than 21.4R3-S6;
* 22.1 versions earlier than 22.1R3-S5;
* 22.2 versions earlier than 22.2R3-S3;
* 22.3 versions earlier than 22.3R3-S2;
* 22.4 versions earlier than 22.4R3-S1;
* 23.2 versions earlier than 23.2R2;
* 23.4 versions earlier than 23.4R2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://supportportal.juniper.net/JSA76390 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 0 ≤ Version: 21.2 ≤ Version: 21.4 ≤ Version: 22.1 ≤ Version: 22.2 ≤ Version: 22.3 ≤ Version: 22.4 ≤ Version: 23.2 ≤ Version: 23.4 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T22:27:35.367Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://supportportal.juniper.net/JSA76390", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "SRX Series", "EX Series", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "20.4R3-S10", status: "affected", version: "0", versionType: "semver", }, { lessThan: "21.2R3-S8", status: "affected", version: "21.2", versionType: "semver", }, { lessThan: "21.4R3-S6", status: "affected", version: "21.4", versionType: "semver", }, { lessThan: "22.1R3-S5", status: "affected", version: "22.1", versionType: "semver", }, { lessThan: "22.2R3-S3", status: "affected", version: "22.2", versionType: "semver", }, { lessThan: "22.3R3-S2", status: "affected", version: "22.3", versionType: "semver", }, { lessThan: "22.4R3-S1", status: "affected", version: "22.4", versionType: "semver", }, { lessThan: "23.2R2", status: "affected", version: "23.2", versionType: "semver", }, { lessThan: "23.4R2", status: "affected", version: "23.4", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "The Juniper SIRT would like to acknowledge and thank watchtowr for responsibly reporting this vulnerability.", }, ], datePublic: "2024-01-25T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator.<br><br>A specific invocation of the emit_debug_note method in webauth_operation.php will echo back the data it receives.<br><br>This issue affects Juniper Networks Junos OS on SRX Series and EX Series:<br><ul><li>All versions earlier than 20.4R3-S10;</li><li>21.2 versions earlier than 21.2R3-S8;</li><li>21.4 versions earlier than 21.4R3-S6;</li><li>22.1 versions earlier than 22.1R3-S5;</li><li>22.2 versions earlier than 22.2R3-S3;</li><li>22.3 versions earlier than 22.3R3-S2;</li><li>22.4 versions earlier than 22.4R3-S1;</li><li>23.2 versions earlier than 23.2R2;</li><li>23.4 versions earlier than 23.4R2.</li></ul>", }, ], value: "An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator.\n\nA specific invocation of the emit_debug_note method in webauth_operation.php will echo back the data it receives.\n\nThis issue affects Juniper Networks Junos OS on SRX Series and EX Series:\n * All versions earlier than 20.4R3-S10;\n * 21.2 versions earlier than 21.2R3-S8;\n * 21.4 versions earlier than 21.4R3-S6;\n * 22.1 versions earlier than 22.1R3-S5;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S2;\n * 22.4 versions earlier than 22.4R3-S1;\n * 23.2 versions earlier than 23.2R2;\n * 23.4 versions earlier than 23.4R2.\n\n\n", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-25T22:51:36.390Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "https://supportportal.juniper.net/JSA76390", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The following software releases have been updated to resolve this specific issue: 20.4R3-S10*, 21.2R3-S8*, 21.4R3-S6*, 22.1R3-S5*, 22.2R3-S3*, 22.3R3-S2*, 22.4R3-S1*, 23.2R2*, 23.4R2*, 24.2R1*, and all subsequent releases.</p><p>* Pending Publication</p>", }, ], value: "The following software releases have been updated to resolve this specific issue: 20.4R3-S10*, 21.2R3-S8*, 21.4R3-S6*, 22.1R3-S5*, 22.2R3-S3*, 22.3R3-S2*, 22.4R3-S1*, 23.2R2*, 23.4R2*, 24.2R1*, and all subsequent releases.\n\n* Pending Publication\n\n", }, ], source: { defect: [ "1779376", ], discovery: "EXTERNAL", }, timeline: [ { lang: "en", time: "2024-01-25T17:00:00.000Z", value: "Initial Publication", }, ], title: "Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Disable J-Web, or limit access to only trusted hosts and users.</p>", }, ], value: "Disable J-Web, or limit access to only trusted hosts and users.\n\n", }, ], x_generator: { engine: "Vulnogram 0.1.0-av217", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2024-21620", datePublished: "2024-01-25T22:50:18.164Z", dateReserved: "2023-12-27T19:38:25.710Z", dateUpdated: "2024-08-01T22:27:35.367Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-1285
Vulnerability from cvelistv5
Published
2016-03-09 23:00
Modified
2024-08-05 22:48
Severity ?
EPSS score ?
Summary
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2016-1285", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-23T17:28:36.470367Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-23T17:28:43.535Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T22:48:13.763Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "FEDORA-2016-5047abe4a9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { name: "DSA-3511", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { name: "SUSE-SU-2016:0780", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { name: "FreeBSD-SA-16:13", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01438", }, { name: "USN-2925-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01352", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2016:0562", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { name: "openSUSE-SU-2016:0830", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { name: "GLSA-201610-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201610-07", }, { name: "1035236", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1035236", }, { name: "SUSE-SU-2016:1541", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { name: "FEDORA-2016-364c0a9df4", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { name: "openSUSE-SU-2016:0834", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { name: "HPSBUX03583", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "SUSE-SU-2016:0759", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01380", }, { name: "FEDORA-2016-dce6dbe6a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { name: "FEDORA-2016-b593e84223", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "SUSE-SU-2016:0825", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { name: "RHSA-2016:0601", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { name: "SSRT110084", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "openSUSE-SU-2016:0859", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { name: "FEDORA-2016-161b73fc2c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { name: "openSUSE-SU-2016:0827", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { name: "FEDORA-2016-75f31fbb0a", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-09T00:00:00", descriptions: [ { lang: "en", value: "named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-20T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "FEDORA-2016-5047abe4a9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { name: "DSA-3511", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { name: "SUSE-SU-2016:0780", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { name: "FreeBSD-SA-16:13", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01438", }, { name: "USN-2925-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01352", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2016:0562", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { name: "openSUSE-SU-2016:0830", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { name: "GLSA-201610-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201610-07", }, { name: "1035236", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1035236", }, { name: "SUSE-SU-2016:1541", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { name: "FEDORA-2016-364c0a9df4", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { name: "openSUSE-SU-2016:0834", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { name: "HPSBUX03583", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "SUSE-SU-2016:0759", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01380", }, { name: "FEDORA-2016-dce6dbe6a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { name: "FEDORA-2016-b593e84223", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "SUSE-SU-2016:0825", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { name: "RHSA-2016:0601", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { name: "SSRT110084", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "openSUSE-SU-2016:0859", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { name: "FEDORA-2016-161b73fc2c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { name: "openSUSE-SU-2016:0827", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { name: "FEDORA-2016-75f31fbb0a", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-1285", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "FEDORA-2016-5047abe4a9", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { name: "DSA-3511", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3511", }, { name: "SUSE-SU-2016:0780", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { name: "FreeBSD-SA-16:13", refsource: "FREEBSD", url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { name: "https://kb.isc.org/article/AA-01438", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01438", }, { name: "USN-2925-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2925-1", }, { name: "https://kb.isc.org/article/AA-01352", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01352", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2016:0562", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { name: "openSUSE-SU-2016:0830", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { name: "GLSA-201610-07", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201610-07", }, { name: "1035236", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1035236", }, { name: "SUSE-SU-2016:1541", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { name: "FEDORA-2016-364c0a9df4", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { name: "openSUSE-SU-2016:0834", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { name: "HPSBUX03583", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "SUSE-SU-2016:0759", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { name: "https://kb.isc.org/article/AA-01380", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01380", }, { name: "FEDORA-2016-dce6dbe6a8", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { name: "FEDORA-2016-b593e84223", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", }, { name: "SUSE-SU-2016:0825", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { name: "RHSA-2016:0601", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { name: "SSRT110084", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "openSUSE-SU-2016:0859", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { name: "FEDORA-2016-161b73fc2c", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { name: "openSUSE-SU-2016:0827", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { name: "FEDORA-2016-75f31fbb0a", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-1285", datePublished: "2016-03-09T23:00:00", dateReserved: "2016-01-04T00:00:00", dateUpdated: "2024-08-05T22:48:13.763Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-39540
Vulnerability from cvelistv5
Published
2024-07-11 16:16
Modified
2024-08-02 04:26
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
EPSS score ?
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
When an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage.
This issue affects Junos OS:
21.2 releases from 21.2R3-S5 before 21.2R3-S6.
This issue does not affect earlier or later releases.
References
| ▼ | URL | Tags |
|---|---|---|
| https://supportportal.juniper.net/JSA83000 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 21.2R3-S5 ≤ |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:juniper:junos:21.2:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "junos", vendor: "juniper", versions: [ { lessThan: "21.2r3-s6", status: "affected", version: "21.2", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-39540", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-11T18:48:08.891704Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-11T18:52:47.153Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T04:26:16.011Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://supportportal.juniper.net/JSA83000", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "SRX Series", "MX Series", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "21.2R3-S6", status: "affected", version: "21.2R3-S5", versionType: "semver", }, ], }, ], datePublic: "2024-07-10T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br><br>When an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage.<br><br><p>This issue affects Junos OS:</p><p>21.2 releases from 21.2R3-S5 before 21.2R3-S6.</p><p>This issue does not affect earlier or later releases.</p>", }, ], value: "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage.\n\nThis issue affects Junos OS:\n\n21.2 releases from 21.2R3-S5 before 21.2R3-S6.\n\nThis issue does not affect earlier or later releases.", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.7, baseSeverity: "HIGH", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "LOW", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-754", description: "CWE-754 Improper Check for Unusual or Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-11T16:16:37.977Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "https://supportportal.juniper.net/JSA83000", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The following software releases have been updated to resolve this specific issue: 21.2R3-S6.", }, ], value: "The following software releases have been updated to resolve this specific issue: 21.2R3-S6.", }, ], source: { advisory: "JSA83000", defect: [ "1733627", ], discovery: "USER", }, title: "Junos OS: SRX Series, and MX Series with SPC3: Specific valid TCP traffic can cause a pfe crash", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "There are no known workarounds for this issue.", }, ], value: "There are no known workarounds for this issue.", }, ], x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2024-39540", datePublished: "2024-07-11T16:16:37.977Z", dateReserved: "2024-06-25T15:12:53.244Z", dateUpdated: "2024-08-02T04:26:16.011Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-39529
Vulnerability from cvelistv5
Published
2024-07-11 16:03
Modified
2024-08-02 04:26
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
EPSS score ?
Summary
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service.
This issue affects Junos OS:
* All versions before 21.4R3-S6,
* 22.2 versions before 22.2R3-S3,
* 22.3 versions before 22.3R3-S3,
* 22.4 versions before 22.4R3,
* 23.2 versions before 23.2R2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://supportportal.juniper.net/JSA82988 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 0 ≤ Version: 22.2 ≤ Version: 22.3 ≤ Version: 22.4 ≤ Version: 23.2 ≤ |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "junos_os", vendor: "juniper", versions: [ { lessThan: "21.4r3-s6", status: "affected", version: "0", versionType: "custom", }, { lessThan: "22.2r3-s3", status: "affected", version: "22.2", versionType: "custom", }, { lessThan: "22.3r3-s3", status: "affected", version: "22.3", versionType: "custom", }, { lessThan: "22.4r3", status: "affected", version: "22.4", versionType: "custom", }, { lessThan: "23.2r2", status: "affected", version: "23.2", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-39529", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-11T18:27:00.817170Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-12T16:35:49.572Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T04:26:15.162Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://supportportal.juniper.net/JSA82988", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "SRX Series", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "21.4R3-S6", status: "affected", version: "0", versionType: "semver", }, { lessThan: "22.2R3-S3", status: "affected", version: "22.2", versionType: "semver", }, { lessThan: "22.3R3-S3", status: "affected", version: "22.3", versionType: "semver", }, { lessThan: "22.4R3", status: "affected", version: "22.4", versionType: "semver", }, { lessThan: "23.2R2", status: "affected", version: "23.2", versionType: "semver", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "To be exposed to this issue at least one of DGA or tunnel detection needs to be configured:<br><br><tt>[ services security-metadata-streaming policy <name> dns detections dga ]<br>\n\n[ services security-metadata-streaming policy <name> dns detections tunneling ]</tt>\n\n<br><br>and DNS traceoptions have to be configured:<br><br><tt>[ services dns-filtering traceoptions ... ]</tt>", }, ], value: "To be exposed to this issue at least one of DGA or tunnel detection needs to be configured:\n\n[ services security-metadata-streaming policy <name> dns detections dga ]\n\n\n[ services security-metadata-streaming policy <name> dns detections tunneling ]\n\n\n\nand DNS traceoptions have to be configured:\n\n[ services dns-filtering traceoptions ... ]", }, ], datePublic: "2024-07-10T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a <span style=\"background-color: rgb(255, 255, 255);\">Denial-of-Service (DoS).</span></span><br><br>\n\n<span style=\"background-color: rgb(255, 255, 255);\">If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are <span style=\"background-color: rgb(255, 255, 255);\">configured, and specific valid transit DNS traffic is received this causes </span></span>a PFE crash and restart, leading to a Denial of Service.<br><br><span style=\"background-color: var(--wht);\">This issue affects Junos OS: <br><ul><li><span style=\"background-color: var(--wht);\">All versions before 21.4R3-S6,</span></li><li><span style=\"background-color: var(--wht);\">22.2 versions before 22.2R3-S3,</span></li><li><span style=\"background-color: var(--wht);\">22.3 versions before 22.3R3-S3,</span></li><li><span style=\"background-color: var(--wht);\">22.4 versions before 22.4R3,</span></li><li><span style=\"background-color: var(--wht);\">23.2 versions before 23.2R2.</span></li></ul></span>", }, ], value: "A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\n\n\nIf DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service.\n\nThis issue affects Junos OS: \n * All versions before 21.4R3-S6,\n * 22.2 versions before 22.2R3-S3,\n * 22.3 versions before 22.3R3-S3,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R2.", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.7, baseSeverity: "HIGH", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "LOW", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-134", description: "CWE-134 Use of Externally-Controlled Format String", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-11T16:03:26.980Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "https://supportportal.juniper.net/JSA82988", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The following software releases have been updated to resolve this specific issue: 21.4R3-S6, 22.2R3-S3, 22.3R3-S3, 22.4R3, 23.2R2, 23.4R1, and all subsequent releases.", }, ], value: "The following software releases have been updated to resolve this specific issue: 21.4R3-S6, 22.2R3-S3, 22.3R3-S3, 22.4R3, 23.2R2, 23.4R1, and all subsequent releases.", }, ], source: { advisory: "JSA82988", defect: [ "1755484", ], discovery: "USER", }, title: "Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "There are no known workarounds for this issue.", }, ], value: "There are no known workarounds for this issue.", }, ], x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2024-39529", datePublished: "2024-07-11T16:03:26.980Z", dateReserved: "2024-06-25T15:12:53.240Z", dateUpdated: "2024-08-02T04:26:15.162Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21619
Vulnerability from cvelistv5
Published
2024-01-25 22:48
Modified
2024-08-01 22:27
Severity ?
EPSS score ?
Summary
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system information.
When a user logs in, a temporary file which contains the configuration of the device (as visible to that user) is created in the /cache folder. An unauthenticated attacker can then attempt to access such a file by sending a specific request to the device trying to guess the name of such a file. Successful exploitation will reveal configuration information.
This issue affects Juniper Networks Junos OS on SRX Series and EX Series:
* All versions earlier than 20.4R3-S9;
* 21.2 versions earlier than 21.2R3-S7;
* 21.3 versions earlier than 21.3R3-S5;
* 21.4 versions earlier than 21.4R3-S6;
* 22.1 versions earlier than 22.1R3-S5;
* 22.2 versions earlier than 22.2R3-S3;
* 22.3 versions earlier than 22.3R3-S2;
* 22.4 versions earlier than 22.4R3;
* 23.2 versions earlier than 23.2R1-S2, 23.2R2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://supportportal.juniper.net/JSA76390 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 0 ≤ Version: 21.2 ≤ Version: 21.3 ≤ Version: 21.4 ≤ Version: 22.1 ≤ Version: 22.2 ≤ Version: 22.3 ≤ Version: 22.4 ≤ Version: 23.2 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T22:27:35.795Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://supportportal.juniper.net/JSA76390", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "SRX Series", "EX Series", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "20.4R3-S9", status: "affected", version: "0", versionType: "semver", }, { lessThan: "21.2R3-S7", status: "affected", version: "21.2", versionType: "semver", }, { lessThan: "21.3R3-S5", status: "affected", version: "21.3", versionType: "semver", }, { lessThan: "21.4R3-S6", status: "affected", version: "21.4", versionType: "semver", }, { lessThan: "22.1R3-S5", status: "affected", version: "22.1", versionType: "semver", }, { lessThan: "22.2R3-S3", status: "affected", version: "22.2", versionType: "semver", }, { lessThan: "22.3R3-S2", status: "affected", version: "22.3", versionType: "semver", }, { lessThan: "22.4R3", status: "affected", version: "22.4", versionType: "semver", }, { lessThan: "23.2R1-S2, 23.2R2", status: "affected", version: "23.2", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "The Juniper SIRT would like to acknowledge and thank watchtowr for responsibly reporting this vulnerability.", }, ], datePublic: "2024-01-25T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system information.<br><br>When a user logs in, a temporary file which contains the configuration of the device (as visible to that user) is created in the /cache folder. An unauthenticated attacker can then attempt to access such a file by sending a specific request to the device trying to guess the name of such a file. Successful exploitation will reveal configuration information.<br><br>This issue affects Juniper Networks Junos OS on SRX Series and EX Series:<br><ul><li>All versions earlier than 20.4R3-S9;</li><li>21.2 versions earlier than 21.2R3-S7;</li><li>21.3 versions earlier than 21.3R3-S5;</li><li>21.4 versions earlier than 21.4R3-S6;</li><li>22.1 versions earlier than 22.1R3-S5;</li><li>22.2 versions earlier than 22.2R3-S3;</li><li>22.3 versions earlier than 22.3R3-S2;</li><li>22.4 versions earlier than 22.4R3;</li><li>23.2 versions earlier than 23.2R1-S2, 23.2R2.</li></ul>", }, ], value: "A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system information.\n\nWhen a user logs in, a temporary file which contains the configuration of the device (as visible to that user) is created in the /cache folder. An unauthenticated attacker can then attempt to access such a file by sending a specific request to the device trying to guess the name of such a file. Successful exploitation will reveal configuration information.\n\nThis issue affects Juniper Networks Junos OS on SRX Series and EX Series:\n * All versions earlier than 20.4R3-S9;\n * 21.2 versions earlier than 21.2R3-S7;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S6;\n * 22.1 versions earlier than 22.1R3-S5;\n * 22.2 versions earlier than 22.2R3-S3;\n * 22.3 versions earlier than 22.3R3-S2;\n * 22.4 versions earlier than 22.4R3;\n * 23.2 versions earlier than 23.2R1-S2, 23.2R2.\n\n\n", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306 Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-209", description: "CWE-209 Generation of Error Message Containing Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-25T22:52:44.703Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "https://supportportal.juniper.net/JSA76390", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The following software releases have been updated to resolve this specific issue: 20.4R3-S9, 21.2R3-S7*, 21.3R3-S5, 21.4R3-S6*, 22.1R3-S5*, 22.2R3-S3*, 22.3R3-S2*, 22.4R2-S2, 22.4R3*, 23.2R1-S2, 23.2R2*, 23.4R1, and all subsequent releases.</p><p>*Pending Publication</p>", }, ], value: "The following software releases have been updated to resolve this specific issue: 20.4R3-S9, 21.2R3-S7*, 21.3R3-S5, 21.4R3-S6*, 22.1R3-S5*, 22.2R3-S3*, 22.3R3-S2*, 22.4R2-S2, 22.4R3*, 23.2R1-S2, 23.2R2*, 23.4R1, and all subsequent releases.\n\n*Pending Publication\n\n", }, ], source: { defect: [ "1763260", ], discovery: "EXTERNAL", }, timeline: [ { lang: "en", time: "2024-01-25T17:00:00.000Z", value: "Initial Publication", }, ], title: "Junos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Disable J-Web, or limit access to only trusted hosts.</p>", }, ], value: "Disable J-Web, or limit access to only trusted hosts.\n\n", }, ], x_generator: { engine: "Vulnogram 0.1.0-av217", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2024-21619", datePublished: "2024-01-25T22:48:16.839Z", dateReserved: "2023-12-27T19:38:25.710Z", dateUpdated: "2024-08-01T22:27:35.795Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-44198
Vulnerability from cvelistv5
Published
2023-10-12 23:05
Modified
2024-09-18 14:41
Severity ?
EPSS score ?
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks.
If the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid.
This issue affects Juniper Networks Junos OS on SRX Series and MX Series:
* 20.4 versions prior to 20.4R3-S5;
* 21.1 versions prior to 21.1R3-S4;
* 21.2 versions prior to 21.2R3-S4;
* 21.3 versions prior to 21.3R3-S3;
* 21.4 versions prior to 21.4R3-S2;
* 22.1 versions prior to 22.1R2-S2, 22.1R3;
* 22.2 versions prior to 22.2R2-S1, 22.2R3;
* 22.3 versions prior to 22.3R1-S2, 22.3R2.
This issue doesn't not affected releases prior to 20.4R1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://supportportal.juniper.net/JSA73164 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 20.4 ≤ Version: 21.1 ≤ Version: 21.2 ≤ Version: 21.3 ≤ Version: 21.4 ≤ Version: 22.1 ≤ Version: 22.2 ≤ Version: 22.3 ≤ Version: 0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T19:59:51.680Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "https://supportportal.juniper.net/JSA73164", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:juniper_networks:junos_os:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "junos_os", vendor: "juniper_networks", versions: [ { lessThan: "20.4r3-s5", status: "affected", version: "20.4", versionType: "semver", }, { lessThan: "21.1r3-s4", status: "affected", version: "21.1", versionType: "semver", }, { lessThan: "21.2r3-s4", status: "affected", version: "21.2", versionType: "semver", }, { lessThan: "21.3r3-s3", status: "affected", version: "21.3", versionType: "semver", }, { lessThan: "21.4r3-s2", status: "affected", version: "21.4", versionType: "semver", }, { lessThan: "22.1r2-s2,22.1r3", status: "affected", version: "22.1", versionType: "semver", }, { lessThan: "22.2r2-s122.2r3", status: "affected", version: "22.2", versionType: "semver", }, { lessThan: "22.3r1-s2.22.3r2", status: "affected", version: "22.3", versionType: "semver", }, { lessThan: "20.4r1", status: "affected", version: "0", versionType: "semver", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-44198", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-18T14:36:59.623824Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-18T14:41:11.841Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "SRX Series", "MX Series", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "20.4R3-S5", status: "affected", version: "20.4", versionType: "semver", }, { lessThan: "21.1R3-S4", status: "affected", version: "21.1", versionType: "semver", }, { lessThan: "21.2R3-S4", status: "affected", version: "21.2", versionType: "semver", }, { lessThan: "21.3R3-S3", status: "affected", version: "21.3", versionType: "semver", }, { lessThan: "21.4R3-S2", status: "affected", version: "21.4", versionType: "semver", }, { lessThan: "22.1R2-S2, 22.1R3", status: "affected", version: "22.1", versionType: "semver", }, { lessThan: "22.2R2-S1, 22.2R3", status: "affected", version: "22.2", versionType: "semver", }, { lessThan: "22.3R1-S2, 22.3R2", status: "affected", version: "22.3", versionType: "semver", }, { lessThan: "20.4R1", status: "affected", version: "0", versionType: "semver", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<p>To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX, and MX with SPC3 with:</p><code>user@host> show security alg status | match sip</code><br><code>SIP : Enabled</code><br><p>Please verify on MX whether the following is configured:</p><code>[ services ... rule <rule-name> (term <term-name> ) from/match application/application-set <name> ]</code><br><p>where either</p><code>a. name = junos-sip or</code><br><p>an application or application-set refers to SIP:</p><code>b. [ applications application <name> application-protocol sip ] or</code><br><code>c. [ applications application-set <name> application junos-sip ]</code>\n\n", }, ], value: "\nTo be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX, and MX with SPC3 with:\n\nuser@host> show security alg status | match sip\nSIP : Enabled\nPlease verify on MX whether the following is configured:\n\n[ services ... rule <rule-name> (term <term-name> ) from/match application/application-set <name> ]\nwhere either\n\na. name = junos-sip or\nan application or application-set refers to SIP:\n\nb. [ applications application <name> application-protocol sip ] or\nc. [ applications application-set <name> application junos-sip ]\n\n", }, ], datePublic: "2023-10-11T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "\n\n<p>An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks.</p><p>If the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid.</p><p>This issue affects Juniper Networks Junos OS on SRX Series and MX Series:</p><p></p><ul><li>20.4 versions prior to 20.4R3-S5;</li><li>21.1 versions prior to 21.1R3-S4;</li><li>21.2 versions prior to 21.2R3-S4;</li><li>21.3 versions prior to 21.3R3-S3;</li><li>21.4 versions prior to 21.4R3-S2;</li><li>22.1 versions prior to 22.1R2-S2, 22.1R3;</li><li>22.2 versions prior to 22.2R2-S1, 22.2R3;</li><li>22.3 versions prior to 22.3R1-S2, 22.3R2.</li></ul><p></p><p>This issue doesn't not affected releases prior to 20.4R1.</p>\n\n", }, ], value: "\nAn Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks.\n\nIf the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid.\n\nThis issue affects Juniper Networks Junos OS on SRX Series and MX Series:\n\n\n\n * 20.4 versions prior to 20.4R3-S5;\n * 21.1 versions prior to 21.1R3-S4;\n * 21.2 versions prior to 21.2R3-S4;\n * 21.3 versions prior to 21.3R3-S3;\n * 21.4 versions prior to 21.4R3-S2;\n * 22.1 versions prior to 22.1R2-S2, 22.1R3;\n * 22.2 versions prior to 22.2R2-S1, 22.2R3;\n * 22.3 versions prior to 22.3R1-S2, 22.3R2.\n\n\n\n\nThis issue doesn't not affected releases prior to 20.4R1.\n\n\n\n", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-754", description: "CWE-754 Improper Check for Unusual or Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-12T23:05:42.031Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "https://supportportal.juniper.net/JSA73164", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S5, 21.1R3-S4, 21.2R3-S4, 21.3R3-S3, 21.4R3-S2, 22.1R2-S2, 22.1R3, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1, and all subsequent releases.</p>", }, ], value: "The following software releases have been updated to resolve this specific issue: Junos OS 20.4R3-S5, 21.1R3-S4, 21.2R3-S4, 21.3R3-S3, 21.4R3-S2, 22.1R2-S2, 22.1R3, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1, and all subsequent releases.\n\n", }, ], source: { advisory: "JSA73164", defect: [ "1693379", ], discovery: "INTERNAL", }, timeline: [ { lang: "en", time: "2023-10-11T16:00:00.000Z", value: "Initial Publication", }, ], title: "Junos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>There are no known workarounds for this issue.</p>", }, ], value: "There are no known workarounds for this issue.\n\n", }, ], x_generator: { engine: "Vulnogram 0.1.0-av217", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2023-44198", datePublished: "2023-10-12T23:05:42.031Z", dateReserved: "2023-09-26T19:30:32.350Z", dateUpdated: "2024-09-18T14:41:11.841Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-21609
Vulnerability from cvelistv5
Published
2024-04-12 14:55
Modified
2024-08-01 22:27
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
EPSS score ?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS).
If specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific message sequence. This will eventually result in an iked process crash and restart.
The iked process memory consumption can be checked using the below command:
user@host> show system processes extensive | grep iked
PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
56903 root 31 0 4016M 2543M CPU0 0 2:10 10.50% iked
This issue affects Juniper Networks Junos OS:
* All versions earlier than 20.4R3-S9;
* 21.2 versions earlier than 21.2R3-S7;
* 21.3 versions earlier than 21.3R3-S5;
* 21.4 versions earlier than 21.4R3-S4;
* 22.1 versions earlier than 22.1R3-S3;
* 22.2 versions earlier than 22.2R3-S2;
* 22.3 versions earlier than 22.3R3;
* 22.4 versions earlier than 22.4R3;
* 23.2 versions earlier than 23.2R1-S2, 23.2R2.
References
| ▼ | URL | Tags |
|---|---|---|
| http://supportportal.juniper.net/JSA75750 | vendor-advisory | |
| https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | technical-description |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 0 ≤ Version: 21.2 ≤ Version: 21.3 ≤ Version: 21.4 ≤ Version: 22.1 ≤ Version: 22.2 ≤ Version: 22.3 ≤ Version: 22.4 ≤ Version: 23.2 ≤ |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-21609", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-17T17:18:38.989630Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-03T16:41:11.676Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T22:27:35.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "http://supportportal.juniper.net/JSA75750", }, { tags: [ "technical-description", "x_transferred", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "MX Series with SPC3", "SRX Series", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "20.4R3-S9", status: "affected", version: "0", versionType: "semver", }, { lessThan: "21.2R3-S7", status: "affected", version: "21.2", versionType: "semver", }, { lessThan: "21.3R3-S5", status: "affected", version: "21.3", versionType: "semver", }, { lessThan: "21.4R3-S4", status: "affected", version: "21.4", versionType: "semver", }, { lessThan: "22.1R3-S3", status: "affected", version: "22.1", versionType: "semver", }, { lessThan: "22.2R3-S2", status: "affected", version: "22.2", versionType: "semver", }, { lessThan: "22.3R3", status: "affected", version: "22.3", versionType: "semver", }, { lessThan: "22.4R3", status: "affected", version: "22.4", versionType: "semver", }, { lessThan: "23.2R1-S2, 23.2R2", status: "affected", version: "23.2", versionType: "semver", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>To be exposed to this issue IPsec VPN needs to be configured with a minimal ike configuration:</p><p> [ security ike gateway ike-policy ]</p><p> [ security ipsec vpn ike gateway ]</p><p>and the system needs to run iked (vs. kmd which is not affected), which can be verified with:</p><p> show system processes extensive | match \"KMD|IKED\"</p>", }, ], value: "To be exposed to this issue IPsec VPN needs to be configured with a minimal ike configuration:\n\n [ security ike gateway ike-policy ]\n\n [ security ipsec vpn ike gateway ]\n\nand the system needs to run iked (vs. kmd which is not affected), which can be verified with:\n\n show system processes extensive | match \"KMD|IKED\"", }, ], datePublic: "2024-04-10T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS).<br><br>If specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific message sequence. This will eventually result in an iked process crash and restart.<br><br>The iked process memory consumption can be checked using the below command:<br><tt> user@host> show system processes extensive | grep iked<br> PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND<br> 56903 root 31 0 4016M 2543M CPU0 0 2:10 10.50% iked</tt><br><br>This issue affects Juniper Networks Junos OS:<br><ul><li>All versions earlier than 20.4R3-S9;</li><li>21.2 versions earlier than 21.2R3-S7;</li><li>21.3 versions earlier than 21.3R3-S5;</li><li>21.4 versions earlier than 21.4R3-S4;</li><li>22.1 versions earlier than 22.1R3-S3;</li><li>22.2 versions earlier than 22.2R3-S2;</li><li>22.3 versions earlier than 22.3R3;</li><li>22.4 versions earlier than 22.4R3;</li><li>23.2 versions earlier than 23.2R1-S2, 23.2R2.</li></ul>", }, ], value: "A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS).\n\nIf specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific message sequence. This will eventually result in an iked process crash and restart.\n\nThe iked process memory consumption can be checked using the below command:\n user@host> show system processes extensive | grep iked\n PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND\n 56903 root 31 0 4016M 2543M CPU0 0 2:10 10.50% iked\n\nThis issue affects Juniper Networks Junos OS:\n * All versions earlier than 20.4R3-S9;\n * 21.2 versions earlier than 21.2R3-S7;\n * 21.3 versions earlier than 21.3R3-S5;\n * 21.4 versions earlier than 21.4R3-S4;\n * 22.1 versions earlier than 22.1R3-S3;\n * 22.2 versions earlier than 22.2R3-S2;\n * 22.3 versions earlier than 22.3R3;\n * 22.4 versions earlier than 22.4R3;\n * 23.2 versions earlier than 23.2R1-S2, 23.2R2.", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Juniper SIRT is not aware of any malicious exploitation of this vulnerability.</p>", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "ADJACENT", baseScore: 7.1, baseSeverity: "HIGH", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "LOW", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-401", description: "CWE-401 Missing Release of Memory after Effective Lifetime", lang: "en", type: "CWE", }, ], }, { descriptions: [ { description: "Denial of Service (DoS)", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-16T20:09:32.000Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "http://supportportal.juniper.net/JSA75750", }, { tags: [ "technical-description", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The following software releases have been updated to resolve this specific issue: 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S2, 22.3R3, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases.</p>", }, ], value: "The following software releases have been updated to resolve this specific issue: 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S2, 22.3R3, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases.", }, ], source: { advisory: "JSA75750", defect: [ "1718199", ], discovery: "USER", }, timeline: [ { lang: "en", time: "2024-04-10T16:00:00.000Z", value: "Initial Publication", }, ], title: "Junos OS: MX Series with SPC3, and SRX Series: If specific IPsec parameters are negotiated iked will crash due to a memory leak", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>While there is no workaround available, customers can monitor the memory utilization and restart iked periodically to clear the leak.</p>", }, ], value: "While there is no workaround available, customers can monitor the memory utilization and restart iked periodically to clear the leak.", }, ], x_generator: { engine: "Vulnogram 0.1.0-av217", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2024-21609", datePublished: "2024-04-12T14:55:00.663Z", dateReserved: "2023-12-27T19:38:25.708Z", dateUpdated: "2024-08-01T22:27:35.671Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-1286
Vulnerability from cvelistv5
Published
2016-03-09 23:00
Modified
2024-08-05 22:48
Severity ?
EPSS score ?
Summary
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:48:13.712Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "FEDORA-2016-5047abe4a9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { name: "DSA-3511", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { name: "1035237", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1035237", }, { name: "SUSE-SU-2016:0780", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { name: "FreeBSD-SA-16:13", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01438", }, { name: "USN-2925-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2016:0562", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { name: "openSUSE-SU-2016:0830", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "GLSA-201610-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201610-07", }, { name: "SUSE-SU-2016:1541", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { name: "FEDORA-2016-364c0a9df4", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { name: "openSUSE-SU-2016:0834", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { name: "HPSBUX03583", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "SUSE-SU-2016:0759", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01380", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/article/AA-01353", }, { name: "FEDORA-2016-dce6dbe6a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { name: "FEDORA-2016-b593e84223", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { name: "SUSE-SU-2016:0825", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { name: "RHSA-2016:0601", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { name: "SSRT110084", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "openSUSE-SU-2016:0859", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { name: "FEDORA-2016-161b73fc2c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { name: "openSUSE-SU-2016:0827", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { name: "FEDORA-2016-75f31fbb0a", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-03-09T00:00:00", descriptions: [ { lang: "en", value: "named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-20T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "FEDORA-2016-5047abe4a9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { name: "DSA-3511", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3511", }, { name: "1035237", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1035237", }, { name: "SUSE-SU-2016:0780", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { name: "FreeBSD-SA-16:13", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01438", }, { name: "USN-2925-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2925-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2016:0562", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { name: "openSUSE-SU-2016:0830", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "GLSA-201610-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201610-07", }, { name: "SUSE-SU-2016:1541", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { name: "FEDORA-2016-364c0a9df4", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { name: "openSUSE-SU-2016:0834", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { name: "HPSBUX03583", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "SUSE-SU-2016:0759", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01380", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/article/AA-01353", }, { name: "FEDORA-2016-dce6dbe6a8", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { name: "FEDORA-2016-b593e84223", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { name: "SUSE-SU-2016:0825", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { name: "RHSA-2016:0601", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { name: "SSRT110084", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "openSUSE-SU-2016:0859", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { name: "FEDORA-2016-161b73fc2c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { name: "openSUSE-SU-2016:0827", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { name: "FEDORA-2016-75f31fbb0a", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-1286", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", }, { name: "FEDORA-2016-5047abe4a9", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html", }, { name: "DSA-3511", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3511", }, { name: "1035237", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1035237", }, { name: "SUSE-SU-2016:0780", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html", }, { name: "FreeBSD-SA-16:13", refsource: "FREEBSD", url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc", }, { name: "https://kb.isc.org/article/AA-01438", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01438", }, { name: "USN-2925-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2925-1", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "RHSA-2016:0562", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0562.html", }, { name: "openSUSE-SU-2016:0830", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { name: "GLSA-201610-07", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201610-07", }, { name: "SUSE-SU-2016:1541", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html", }, { name: "FEDORA-2016-364c0a9df4", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html", }, { name: "openSUSE-SU-2016:0834", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html", }, { name: "HPSBUX03583", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "SUSE-SU-2016:0759", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html", }, { name: "https://kb.isc.org/article/AA-01380", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01380", }, { name: "https://kb.isc.org/article/AA-01353", refsource: "CONFIRM", url: "https://kb.isc.org/article/AA-01353", }, { name: "FEDORA-2016-dce6dbe6a8", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html", }, { name: "FEDORA-2016-b593e84223", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html", }, { name: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821", }, { name: "SUSE-SU-2016:0825", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html", }, { name: "RHSA-2016:0601", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2016-0601.html", }, { name: "SSRT110084", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=146191105921542&w=2", }, { name: "openSUSE-SU-2016:0859", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html", }, { name: "FEDORA-2016-161b73fc2c", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html", }, { name: "openSUSE-SU-2016:0827", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html", }, { name: "FEDORA-2016-75f31fbb0a", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-1286", datePublished: "2016-03-09T23:00:00", dateReserved: "2016-01-04T00:00:00", dateUpdated: "2024-08-05T22:48:13.712Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-30391
Vulnerability from cvelistv5
Published
2024-04-12 15:25
Modified
2024-08-09 20:08
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
6.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
6.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
EPSS score ?
Summary
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device.
If a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress. So if the peer is an unaffected device transit traffic is going to fail in both directions. If the peer is an also affected device transit traffic works, but without authentication, and configuration and CLI operational commands indicate authentication is performed.
This issue affects Junos OS:
* All versions before 20.4R3-S7,
* 21.1 versions before 21.1R3,
* 21.2 versions before 21.2R2-S1, 21.2R3,
* 21.3 versions before 21.3R1-S2, 21.3R2.
References
| ▼ | URL | Tags |
|---|---|---|
| http://supportportal.juniper.net/JSA79188 | vendor-advisory | |
| https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N | technical-description |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 0 ≤ Version: 21.1 ≤ Version: 21.2 ≤ Version: 21.3 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T01:32:07.096Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "vendor-advisory", "x_transferred", ], url: "http://supportportal.juniper.net/JSA79188", }, { tags: [ "technical-description", "x_transferred", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2024-30391", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-09T20:07:30.899427Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-09T20:08:44.052Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", platforms: [ "SRX Series", "MX Series with SPC3", ], product: "Junos OS", vendor: "Juniper Networks", versions: [ { lessThan: "20.4R3-S7", status: "affected", version: "0", versionType: "semver", }, { lessThan: "21.1R3", status: "affected", version: "21.1", versionType: "semver", }, { lessThan: "21.2R2-S1, 21.2R3", status: "affected", version: "21.2", versionType: "semver", }, { lessThan: "21.3R1-S2, 21.3R2", status: "affected", version: "21.3", versionType: "semver", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "For a device to be affected IPsec must be configured with either hmac-sha-384 or hmac-sha-512 as follows:<br><br> [ security ipsec proposal <proposal> authentication-algorithm hmac-sha-384/hmac-sha-512 ]", }, ], value: "For a device to be affected IPsec must be configured with either hmac-sha-384 or hmac-sha-512 as follows:\n\n [ security ipsec proposal <proposal> authentication-algorithm hmac-sha-384/hmac-sha-512 ]", }, ], datePublic: "2024-04-10T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and <span style=\"background-color: rgb(255, 255, 255);\">SRX Series </span>allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device.<br><br>If a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress. So if the peer is an unaffected device transit traffic is going to fail in both directions. If the peer is an also affected device transit traffic works, but without authentication, and configuration and CLI operational commands indicate authentication is performed.<br><p>This issue affects Junos OS:</p><p></p><ul><li><span style=\"background-color: var(--wht);\">All versions before 20.4R3-S7,</span></li><li><span style=\"background-color: var(--wht);\">21.1 versions before 21.1R3, </span></li><li><span style=\"background-color: var(--wht);\">21.2 versions before 21.2R2-S1, 21.2R3, </span></li><li><span style=\"background-color: var(--wht);\">21.3 versions before 21.3R1-S2, 21.3R2.</span></li></ul><p></p>", }, ], value: "A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device.\n\nIf a device is configured with IPsec authentication algorithm hmac-sha-384 or hmac-sha-512, tunnels are established normally but for traffic traversing the tunnel no authentication information is sent with the encrypted data on egress, and no authentication information is expected on ingress. So if the peer is an unaffected device transit traffic is going to fail in both directions. If the peer is an also affected device transit traffic works, but without authentication, and configuration and CLI operational commands indicate authentication is performed.\nThis issue affects Junos OS:\n\n\n\n * All versions before 20.4R3-S7,\n * 21.1 versions before 21.1R3, \n * 21.2 versions before 21.2R2-S1, 21.2R3, \n * 21.3 versions before 21.3R1-S2, 21.3R2.", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", }, ], value: "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, { cvssV4_0: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "PRESENT", attackVector: "NETWORK", baseScore: 6.3, baseSeverity: "MEDIUM", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "LOW", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "LOW", vulnerabilityResponseEffort: "NOT_DEFINED", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306 Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-16T20:24:44.347Z", orgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", shortName: "juniper", }, references: [ { tags: [ "vendor-advisory", ], url: "http://supportportal.juniper.net/JSA79188", }, { tags: [ "technical-description", ], url: "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The following software releases have been updated to resolve this specific issue: 20.4R3-S7, 21.1R3, 21.2R2-S1, 21.2R3, \n\n21.3R1-S2, 21.3R2, 21.4R1, and all subsequent releases.<br>\n\n<br><span style=\"background-color: rgb(255, 255, 255);\">Please note that for releases earlier than 21.1 the affected CLI options have been removed. For releases from 21.1 onwards the issue has been fixed.<br></span>\n\n<br>", }, ], value: "The following software releases have been updated to resolve this specific issue: 20.4R3-S7, 21.1R3, 21.2R2-S1, 21.2R3, \n\n21.3R1-S2, 21.3R2, 21.4R1, and all subsequent releases.\n\n\n\nPlease note that for releases earlier than 21.1 the affected CLI options have been removed. For releases from 21.1 onwards the issue has been fixed.", }, ], source: { advisory: "JSA79188", defect: [ "1557177", ], discovery: "INTERNAL", }, title: "Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with \"hmac-sha-384\" and \"hmac-sha-512\" no authentication of traffic is performed", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>There are no known workarounds for this issue.</p>", }, ], value: "There are no known workarounds for this issue.", }, ], x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "8cbe9d5a-a066-4c94-8978-4b15efeae968", assignerShortName: "juniper", cveId: "CVE-2024-30391", datePublished: "2024-04-12T15:25:24.733Z", dateReserved: "2024-03-26T23:06:17.994Z", dateUpdated: "2024-08-09T20:08:44.052Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }