CVSS: 8.8EPSS: 0%CPEs: 78EXPL: 0CVE-2018-0005 – Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic.
https://notcve.org/view.php?id=CVE-2018-0005
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15.1 versions prior to 15.1R7. Los switches de las series QFX y EX configurados para volcar el tráfico cuando se excede el límite de movimiento de MAC redireccionan tráfico en vez de volcarlo. Esto puede provocar denegaciones de servicio (DoS) u otras condiciones no esperadas. • http://www.securitytracker.com/id/1040182 https://kb.juniper.net/JSA10833 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.9EPSS: 0%CPEs: 100EXPL: 0CVE-2018-0009 – SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured.
https://notcve.org/view.php?id=CVE-2018-0009
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX series; 12.3X48 versions prior to 12.3X48-D55 on SRX series; 15.1X49 versions prior to 15.1X49-D100 on SRX series. En los dispositivos Juniper de la serie SRX, las reglas de firewall configuradas para hacer "match" en UUID de aplicación personalizados que empiezan con ceros pueden hacer "match" en todo el tráfico TCP. A causa de este problema, al tráfico que se debería haber bloqueado por otras reglas se le permite fluir a través del dispositivo, resultando en una condición de omisión de firewall. • http://www.securityfocus.com/bid/102491 http://www.securitytracker.com/id/1040187 https://kb.juniper.net/JSA10836 •
CVSS: 7.2EPSS: 0%CPEs: 204EXPL: 0CVE-2018-0008 – Junos OS: commit script may allow unauthenticated root login upon reboot
https://notcve.org/view.php?id=CVE-2018-0008
An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a problem during normal commit may cause unexpected behavior upon reboot which can leave the system in a state where root CLI login is allowed without a password due to the system reverting to a "safe mode" authentication state. Lastly, only logging in physically to the console port as root, with no password, will work. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX; 12.3X48 versions prior to 12.3X48-D55 on SRX; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D40 on QFX, EX; 14.2 versions prior to 14.2R7-S9, 14.2R8; 15.1 versions prior to 15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6; 15.1X49 versions prior to 15.1X49-D110 on SRX; 15.1X53 versions prior to 15.1X53-D232 on QFX5200/5110; 15.1X53 versions prior to 15.1X53-D49, 15.1X53-D470 on NFX; 15.1X53 versions prior to 15.1X53-D65 on QFX10K; 16.1 versions prior to 16.1R2. • http://www.securitytracker.com/id/1040186 https://kb.juniper.net/JSA10835 https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 6%CPEs: 67EXPL: 0CVE-2018-0001 – Junos: Unauthenticated Remote Code Execution through J-Web interface
https://notcve.org/view.php?id=CVE-2018-0001
A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D67; 12.3 versions prior to 12.3R12-S5; 12.3X48 versions prior to 12.3X48-D35; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D44, 14.1X53-D50; 14.2 versions prior to 14.2R7-S7, 14.2R8; 15.1 versions prior to 15.1R3; 15.1X49 versions prior to 15.1X49-D30; 15.1X53 versions prior to 15.1X53-D70. Un atacante remoto no autenticado podría ejecutar código explotando un defecto de uso de memoria previamente liberada en versiones antiguas de PHP mediante la inyección de datos manipulados a través de URL PHP específicas en el contexto del proceso J-Web. Las distribuciones afectadas son Juniper Networks Junos OS: 12.1X46 anterior a 12.1X46-D67; 12.3 anterior a 12.3R12-S5; 12.3X48 anterior a 12.3X48-D35; 14.1 anterior a 14.1R8-S5, 14.1R9; 14.1X53 anterior a 14.1X53-D44, 14.1X53-D50; 14.2 anterior a 14.2R7-S7, 14.2R8; 15.1 anterior a 15.1R3; 15.1X49 anterior a 15.1X49-D30; 15.1X53 anterior a 15.1X53-D70. • http://www.securityfocus.com/bid/103092 http://www.securitytracker.com/id/1040180 https://kb.juniper.net/JSA10828 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2018-0006 – Junos OS: bbe-smgd process denial of service while processing VLAN authentication requests/rejects
https://notcve.org/view.php?id=CVE-2018-0006
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number of pending VLAN authentication requests, leading to excessive memory allocation. This issue only affects devices configured for DHCPv4/v6 over AE auto-sensed VLANs, utilized in Broadband Edge (BBE) deployments. Other configurations are unaffected by this issue. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R6-S2, 15.1R7; 16.1 versions prior to 16.1R5-S1, 16.1R6; 16.2 versions prior to 16.2R2-S2, 16.2R3; 17.1 versions prior to 17.1R2-S5, 17.1R3; 17.2 versions prior to 17.2R2. • http://www.securitytracker.com/id/1040184 https://kb.juniper.net/JSA10834 • CWE-770: Allocation of Resources Without Limits or Throttling •