CVSS: 7.5EPSS: 0%CPEs: 122EXPL: 0CVE-2018-0062 – Junos OS: Denial of Service in J-Web
https://notcve.org/view.php?id=CVE-2018-0062
A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue. Una vulnerabilidad de denegación de servicio (DoS) en el servicio J-Web podría permitir que un usuario remoto no autenticado provoque una denegación de servicio (DoS), lo que evitaría que otros usuarios se autentiquen o realicen operaciones J-Web. Las versiones afectadas de Juniper Networks Junos OS son: 12.1X46 en versiones anteriores a la 12.1X46-D77 en SRX Series; 12.3 en versiones anteriores a la 12.3R12-S10; 12.3X48 en versiones anteriores a la 12.3X48-D60 en SRX Series; 15.1 en versiones anteriores a la 15.1R7; 15.1F6; 15.1X49 en versiones anteriores a la 15.1X49-D120 en SRX Series; 15.1X53 en versiones anteriores a la 15.1X53-D59 en EX2300/EX3400 Series; 15.1X53 en versiones anteriores a la 15.1X53-D67 en QFX10K Series; 15.1X53 en versiones anteriores a la 15.1X53-D234 en QFX5200/QFX5110 Series; 15.1X53 en versiones anteriores a la 15.1X53-D470, 15.1X53-D495 en NFX Series; 16.1 en versiones anteriores a la 16.1R6; 16.2 en versiones anteriores a la 16.2R2-S6, 16.2R3; 17.1 en versiones anteriores a la 17.1R2-S6, 17.1R3; 17.2 en versiones anteriores a la 17.2R3 y 17.3 en versiones anteriores a la 17.3R2. • http://www.securitytracker.com/id/1041860 https://kb.juniper.net/JSA10897 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 143EXPL: 0CVE-2018-0052 – Junos OS: Unauthenticated remote root access possible when RSH service is enabled
https://notcve.org/view.php?id=CVE-2018-0052
If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command allows a privileged Junos user to enable RSH service and disable PAM, and hence expose the system to unauthenticated root access. When RSH is enabled, the device is listing to RSH connections on port 514. • http://www.securitytracker.com/id/1041853 https://kb.juniper.net/JSA10886 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 459EXPL: 2CVE-2018-15504
https://notcve.org/view.php?id=CVE-2018-15504
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11. Se ha descubierto un problema en Embedthis GoAhead en versiones anteriores a la 4.0.1 y Appweb anteriores a la 7.0.2. El servidor maneja incorrectamente algunos campos request HTTP asociados con time, lo que resulta en una desreferencia de puntero NULL, tal y como queda demostrado con If-Modified-Since o If-Unmodified-Since con mes mayor a 11. • https://github.com/embedthis/appweb/commit/66067ae6d1fa08b37a270e7dc1821df52ed2daef https://github.com/embedthis/appweb/issues/605 https://github.com/embedthis/goahead/issues/264 https://supportportal.juniper.net/s/article/2019-07-Security-Bulletin-Junos-OS-J-Web-Denial-of-Service-due-to-multiple-vulnerabilities-in-Embedthis-Appweb-Server https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 225EXPL: 2CVE-2018-15505
https://notcve.org/view.php?id=CVE-2018-15505
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 address. Se ha descubierto un problema en Embedthis GoAhead en versiones anteriores a la 4.0.1 y Appweb anteriores a la 7.0.2. Una petición HTTP POST con un campo de cabecera "Host" especialmente manipulado puede causar una desreferencia de puntero NULL y, por lo tanto, una denegación de servicio, tal y como queda demostrado con la falta de un carácter posterior ']' en una dirección IPv6. • https://github.com/embedthis/appweb/commit/16e6979c82297d5fc4f8661e7ada975f51e4dfa9 https://github.com/embedthis/appweb/issues/605 https://github.com/embedthis/goahead/issues/264 https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved?language=en_US • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 115EXPL: 0CVE-2018-0024 – Junos OS: A privilege escalation vulnerability exists where authenticated users with shell access can become root
https://notcve.org/view.php?id=CVE-2018-0024
An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to 12.3R11 on EX Series; 14.1X53 versions prior to 14.1X53-D30 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100;; 15.1X49 versions prior to 15.1X49-D20 on SRX Series. Una vulnerabilidad de gestión incorrecta de privilegios en una sesión shell de Juniper Networks Junos OS permite que un atacante autenticado sin privilegios obtenga el control total del sistema. Las versiones afectadas son Juniper Networks Junos OS: 12.1X46 en versiones anteriores a la 12.1X46-D45 en SRX Series; 12.3X48 en versiones anteriores a la 12.3X48-D20 en SRX Series; 12.3 en versiones anteriores a la 12.3R11 en EX Series; 14.1X53 en versiones anteriores a la 14.1X53-D30 en EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100 y 15.1X49 en versiones anteriores a la 15.1X49-D20 en SRX Series. • http://www.securityfocus.com/bid/104718 http://www.securitytracker.com/id/1041314 https://kb.juniper.net/JSA10857 • CWE-269: Improper Privilege Management •