Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2017-AVI-212
Vulnerability from certfr_avis - Published: 2017-07-12 - Updated: 2017-07-12
De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CTPView 7.1, 7.2 et 7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CTPOS 7.0, 7.1, 7.2 et 7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "ScreenOS versions ant\u00e9rieures \u00e0 6.3.0r24",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-9310",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9310"
},
{
"name": "CVE-2017-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2341"
},
{
"name": "CVE-2017-3135",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3135"
},
{
"name": "CVE-2017-2346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2346"
},
{
"name": "CVE-2016-7426",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7426"
},
{
"name": "CVE-2017-2347",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2347"
},
{
"name": "CVE-2017-2338",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2338"
},
{
"name": "CVE-2017-2348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2348"
},
{
"name": "CVE-2017-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3731"
},
{
"name": "CVE-2016-7433",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7433"
},
{
"name": "CVE-2016-7429",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7429"
},
{
"name": "CVE-2016-9311",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9311"
},
{
"name": "CVE-2015-8138",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
},
{
"name": "CVE-2016-7434",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7434"
},
{
"name": "CVE-2017-2336",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2336"
},
{
"name": "CVE-2017-2337",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2337"
},
{
"name": "CVE-2016-7427",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7427"
},
{
"name": "CVE-2017-3732",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
},
{
"name": "CVE-2017-10605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10605"
},
{
"name": "CVE-2017-2344",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2344"
},
{
"name": "CVE-2017-2345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2345"
},
{
"name": "CVE-2017-2343",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2343"
},
{
"name": "CVE-2017-2339",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2339"
},
{
"name": "CVE-2016-7431",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
},
{
"name": "CVE-2016-7055",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
},
{
"name": "CVE-2016-1887",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1887"
},
{
"name": "CVE-2016-9312",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9312"
},
{
"name": "CVE-2016-7428",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7428"
},
{
"name": "CVE-2016-3074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3074"
},
{
"name": "CVE-2017-2314",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2314"
},
{
"name": "CVE-2017-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2342"
},
{
"name": "CVE-2017-2335",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2335"
}
],
"initial_release_date": "2017-07-12T00:00:00",
"last_revision_date": "2017-07-12T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-212",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10797 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10797\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10794 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10794\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10789 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10789\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10800 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10800\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10793 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10793\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10791 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10791\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10775 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10775\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10795 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10795\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10790 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10790\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10779 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10779\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10787 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10787\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10799 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10799\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10796 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10796\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10792 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10792\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10798 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10798\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10782 du 12 juillet 2017",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10782\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CVE-2016-7434 (GCVE-0-2016-7434)
Vulnerability from cvelistv5 – Published: 2017-01-13 16:00 – Updated: 2024-08-06 01:57
VLAI
EPSS
Summary
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/displ… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/94448 | vdb-entryx_refsource_BID |
| http://support.ntp.org/bin/view/Main/NtpBug3082 | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/40806/ | exploitx_refsource_EXPLOIT-DB |
| http://support.ntp.org/bin/view/Main/SecurityNoti… | x_refsource_CONFIRM |
| http://nwtime.org/ntp428p9_release/ | x_refsource_CONFIRM |
| https://www.kb.cert.org/vuls/id/633847 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securitytracker.com/id/1037354 | vdb-entryx_refsource_SECTRACK |
| https://bto.bluecoat.com/security-advisory/sa139 | x_refsource_CONFIRM |
| https://security.FreeBSD.org/advisories/FreeBSD-S… | vendor-advisoryx_refsource_FREEBSD |
Date Public
2016-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:57:47.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"name": "94448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94448"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3082"
},
{
"name": "40806",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40806/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "FreeBSD-SA-16:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-20T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"name": "94448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94448"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3082"
},
{
"name": "40806",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40806/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "FreeBSD-SA-16:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"name": "94448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94448"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug3082",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug3082"
},
{
"name": "40806",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40806/"
},
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"name": "http://nwtime.org/ntp428p9_release/",
"refsource": "CONFIRM",
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037354"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa139",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "FreeBSD-SA-16:39",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7434",
"datePublished": "2017-01-13T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:57:47.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9310 (GCVE-0-2016-9310)
Vulnerability from cvelistv5 – Published: 2017-01-13 16:00 – Updated: 2024-08-06 02:50
VLAI
EPSS
Summary
The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/displ… | x_refsource_CONFIRM |
| http://support.ntp.org/bin/view/Main/NtpBug3118 | x_refsource_CONFIRM |
| https://usn.ubuntu.com/3707-2/ | vendor-advisoryx_refsource_UBUNTU |
| http://www.securityfocus.com/bid/94452 | vdb-entryx_refsource_BID |
| http://rhn.redhat.com/errata/RHSA-2017-0252.html | vendor-advisoryx_refsource_REDHAT |
| http://support.ntp.org/bin/view/Main/SecurityNoti… | x_refsource_CONFIRM |
| http://nwtime.org/ntp428p9_release/ | x_refsource_CONFIRM |
| https://www.kb.cert.org/vuls/id/633847 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securitytracker.com/id/1037354 | vdb-entryx_refsource_SECTRACK |
| https://bto.bluecoat.com/security-advisory/sa139 | x_refsource_CONFIRM |
| https://support.hpe.com/hpsc/doc/public/display?d… | x_refsource_CONFIRM |
| https://security.FreeBSD.org/advisories/FreeBSD-S… | vendor-advisoryx_refsource_FREEBSD |
Date Public
2016-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3118"
},
{
"name": "USN-3707-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3707-2/"
},
{
"name": "94452",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94452"
},
{
"name": "RHSA-2017:0252",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0252.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us"
},
{
"name": "FreeBSD-SA-16:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-24T10:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3118"
},
{
"name": "USN-3707-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3707-2/"
},
{
"name": "94452",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94452"
},
{
"name": "RHSA-2017:0252",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0252.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us"
},
{
"name": "FreeBSD-SA-16:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug3118",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug3118"
},
{
"name": "USN-3707-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3707-2/"
},
{
"name": "94452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94452"
},
{
"name": "RHSA-2017:0252",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0252.html"
},
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"name": "http://nwtime.org/ntp428p9_release/",
"refsource": "CONFIRM",
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037354"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa139",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us"
},
{
"name": "FreeBSD-SA-16:39",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9310",
"datePublished": "2017-01-13T16:00:00.000Z",
"dateReserved": "2016-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:50:37.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9311 (GCVE-0-2016-9311)
Vulnerability from cvelistv5 – Published: 2017-01-13 16:00 – Updated: 2024-08-06 02:50
VLAI
EPSS
Summary
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/displ… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/94444 | vdb-entryx_refsource_BID |
| https://usn.ubuntu.com/3707-2/ | vendor-advisoryx_refsource_UBUNTU |
| http://rhn.redhat.com/errata/RHSA-2017-0252.html | vendor-advisoryx_refsource_REDHAT |
| http://support.ntp.org/bin/view/Main/SecurityNoti… | x_refsource_CONFIRM |
| http://nwtime.org/ntp428p9_release/ | x_refsource_CONFIRM |
| https://www.kb.cert.org/vuls/id/633847 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securitytracker.com/id/1037354 | vdb-entryx_refsource_SECTRACK |
| https://bto.bluecoat.com/security-advisory/sa139 | x_refsource_CONFIRM |
| https://support.hpe.com/hpsc/doc/public/display?d… | x_refsource_CONFIRM |
| https://security.FreeBSD.org/advisories/FreeBSD-S… | vendor-advisoryx_refsource_FREEBSD |
| https://support.hpe.com/hpsc/doc/public/display?d… | x_refsource_CONFIRM |
| http://support.ntp.org/bin/view/Main/NtpBug3119 | x_refsource_CONFIRM |
Date Public
2016-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:36.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"name": "94444",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94444"
},
{
"name": "USN-3707-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3707-2/"
},
{
"name": "RHSA-2017:0252",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0252.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us"
},
{
"name": "FreeBSD-SA-16:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03885en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3119"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-24T10:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"name": "94444",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94444"
},
{
"name": "USN-3707-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3707-2/"
},
{
"name": "RHSA-2017:0252",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0252.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us"
},
{
"name": "FreeBSD-SA-16:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03885en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3119"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03706en_us"
},
{
"name": "94444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94444"
},
{
"name": "USN-3707-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3707-2/"
},
{
"name": "RHSA-2017:0252",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0252.html"
},
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"name": "http://nwtime.org/ntp428p9_release/",
"refsource": "CONFIRM",
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037354"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa139",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03799en_us"
},
{
"name": "FreeBSD-SA-16:39",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03885en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03885en_us"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug3119",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug3119"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9311",
"datePublished": "2017-01-13T16:00:00.000Z",
"dateReserved": "2016-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:50:36.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9312 (GCVE-0-2016-9312)
Vulnerability from cvelistv5 – Published: 2017-01-13 16:00 – Updated: 2024-08-06 02:50
VLAI
EPSS
Summary
ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://support.ntp.org/bin/view/Main/SecurityNoti… | x_refsource_CONFIRM |
| http://nwtime.org/ntp428p9_release/ | x_refsource_CONFIRM |
| https://www.kb.cert.org/vuls/id/633847 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securitytracker.com/id/1037354 | vdb-entryx_refsource_SECTRACK |
| https://bto.bluecoat.com/security-advisory/sa139 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/94450 | vdb-entryx_refsource_BID |
| http://support.ntp.org/bin/view/Main/NtpBug3110 | x_refsource_CONFIRM |
Date Public
2016-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.125Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "94450",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94450"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3110"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "94450",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94450"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3110"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
},
{
"name": "http://nwtime.org/ntp428p9_release/",
"refsource": "CONFIRM",
"url": "http://nwtime.org/ntp428p9_release/"
},
{
"name": "VU#633847",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/633847"
},
{
"name": "1037354",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037354"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa139",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa139"
},
{
"name": "94450",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94450"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug3110",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug3110"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9312",
"datePublished": "2017-01-13T16:00:00.000Z",
"dateReserved": "2016-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:50:37.125Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10605 (GCVE-0-2017-10605)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-17 01:01
VLAI
EPSS
Title
Junos: SRX Series denial of service vulnerability in flowd due to crafted DHCP packet
Summary
On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s). Repeated crashes of the flowd process may constitute an extended denial of service condition for the device(s). If the device is configured in high-availability, the RG1+ (data-plane) will fail-over to the secondary node. If the device is configured in stand-alone, there will be temporary traffic interruption until the flowd process is restored automatically. Sustained crafted packets may cause the secondary failover node to fail back, or fail completely, potentially halting flowd on both nodes of the cluster or causing flip-flop failovers to occur. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D67 on vSRX or SRX Series; 12.3X48 prior to 12.3X48-D50 on vSRX or SRX Series; 15.1X49 prior to 15.1X49-D91, 15.1X49-D100 on vSRX or SRX Series.
Severity
8.6 (High)
CWE
- denial of service vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1038891 | vdb-entryx_refsource_SECTRACK |
| https://kb.juniper.net/JSA10789 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
12.1X46 prior to 12.1X46-D67
Affected: 12.3X48 prior to 12.3X48-D50 Affected: 15.1X49 prior to 15.1X49-D91, 15.1X49-D100 |
Date Public
2017-07-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:41:55.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038891"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10789"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"vSRX or SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "12.1X46 prior to 12.1X46-D67"
},
{
"status": "affected",
"version": "12.3X48 prior to 12.3X48-D50"
},
{
"status": "affected",
"version": "15.1X49 prior to 15.1X49-D91, 15.1X49-D100"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue only affects devices with DHCP or DHCP relay is configured."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s). Repeated crashes of the flowd process may constitute an extended denial of service condition for the device(s). If the device is configured in high-availability, the RG1+ (data-plane) will fail-over to the secondary node. If the device is configured in stand-alone, there will be temporary traffic interruption until the flowd process is restored automatically. Sustained crafted packets may cause the secondary failover node to fail back, or fail completely, potentially halting flowd on both nodes of the cluster or causing flip-flop failovers to occur. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D67 on vSRX or SRX Series; 12.3X48 prior to 12.3X48-D50 on vSRX or SRX Series; 15.1X49 prior to 15.1X49-D91, 15.1X49-D100 on vSRX or SRX Series."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-21T19:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"name": "1038891",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038891"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10789"
}
],
"title": "Junos: SRX Series denial of service vulnerability in flowd due to crafted DHCP packet",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-10605",
"STATE": "PUBLIC",
"TITLE": "Junos: SRX Series denial of service vulnerability in flowd due to crafted DHCP packet"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "vSRX or SRX Series",
"version_value": "12.1X46 prior to 12.1X46-D67"
},
{
"platform": "vSRX or SRX Series",
"version_value": "12.3X48 prior to 12.3X48-D50"
},
{
"platform": "vSRX or SRX Series",
"version_value": "15.1X49 prior to 15.1X49-D91, 15.1X49-D100"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue only affects devices with DHCP or DHCP relay is configured."
}
],
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s). Repeated crashes of the flowd process may constitute an extended denial of service condition for the device(s). If the device is configured in high-availability, the RG1+ (data-plane) will fail-over to the secondary node. If the device is configured in stand-alone, there will be temporary traffic interruption until the flowd process is restored automatically. Sustained crafted packets may cause the secondary failover node to fail back, or fail completely, potentially halting flowd on both nodes of the cluster or causing flip-flop failovers to occur. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D67 on vSRX or SRX Series; 12.3X48 prior to 12.3X48-D50 on vSRX or SRX Series; 15.1X49 prior to 15.1X49-D91, 15.1X49-D100 on vSRX or SRX Series."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability, however, the issue has been seen in a production network.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038891",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038891"
},
{
"name": "https://kb.juniper.net/JSA10789",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10789"
}
]
},
"solution": "The following software releases have been updated to resolve this specific issue: 12.1X46-D67, 12.3X48-D50, 15.1X49-D91, 15.1X49-D100, and all subsequent releases.\n\nThis issue is being tracked as PR 1270493 and is visible on the Customer Support website.",
"work_around": []
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-10605",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2017-06-28T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:01:06.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2314 (GCVE-0-2017-2314)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-16 19:25
VLAI
EPSS
Title
Junos: RPD crash due to malformed BGP OPEN message
Summary
Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. By continuously sending specially crafted BGP OPEN messages, an attacker can repeatedly crash the rpd process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4; 12.3X48 prior to 12.3X48-D50; 13.3 prior to 13.3R4-S11, 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7; 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D33, 15.1X53-D50.
Severity
7.5 (High)
CWE
- routing protocol daemon (rpd) crash denial of service
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA10779 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1038889 | vdb-entryx_refsource_SECTRACK |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4
Affected: 12.3X48 prior to 12.3X48-D50 Affected: 13.3 prior to 13.3R4-S11, 13.3R10 Affected: 14.1 prior to 14.1R8-S3, 14.1R9 Affected: 14.1X53 prior to 14.1X53-D40 Affected: 14.1X55 prior to 14.1X55-D35 Affected: 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7 Affected: 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4 Affected: 15.1X49 prior to 15.1X49-D100 Affected: 15.1X53 prior to 15.1X53-D33, 15.1X53-D50 |
Date Public
2017-07-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10779"
},
{
"name": "1038889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038889"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4"
},
{
"status": "affected",
"version": "12.3X48 prior to 12.3X48-D50"
},
{
"status": "affected",
"version": "13.3 prior to 13.3R4-S11, 13.3R10"
},
{
"status": "affected",
"version": "14.1 prior to 14.1R8-S3, 14.1R9"
},
{
"status": "affected",
"version": "14.1X53 prior to 14.1X53-D40"
},
{
"status": "affected",
"version": "14.1X55 prior to 14.1X55-D35"
},
{
"status": "affected",
"version": "14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7"
},
{
"status": "affected",
"version": "15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4"
},
{
"status": "affected",
"version": "15.1X49 prior to 15.1X49-D100"
},
{
"status": "affected",
"version": "15.1X53 prior to 15.1X53-D33, 15.1X53-D50"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue only affects devices with BGP enabled."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. By continuously sending specially crafted BGP OPEN messages, an attacker can repeatedly crash the rpd process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4; 12.3X48 prior to 12.3X48-D50; 13.3 prior to 13.3R4-S11, 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7; 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D33, 15.1X53-D50."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "routing protocol daemon (rpd) crash denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-15T09:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10779"
},
{
"name": "1038889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038889"
}
],
"title": "Junos: RPD crash due to malformed BGP OPEN message",
"workarounds": [
{
"lang": "en",
"value": "While there is no workaround, the risk associated with this issue can be mitigated by limiting BGP sessions only from trusted peers."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2314",
"STATE": "PUBLIC",
"TITLE": "Junos: RPD crash due to malformed BGP OPEN message"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "",
"version_value": "12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4"
},
{
"platform": "",
"version_value": "12.3X48 prior to 12.3X48-D50"
},
{
"platform": "",
"version_value": "13.3 prior to 13.3R4-S11, 13.3R10"
},
{
"platform": "",
"version_value": "14.1 prior to 14.1R8-S3, 14.1R9"
},
{
"platform": "",
"version_value": "14.1X53 prior to 14.1X53-D40"
},
{
"platform": "",
"version_value": "14.1X55 prior to 14.1X55-D35"
},
{
"platform": "",
"version_value": "14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7"
},
{
"platform": "",
"version_value": "15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4"
},
{
"platform": "",
"version_value": "15.1X49 prior to 15.1X49-D100"
},
{
"platform": "",
"version_value": "15.1X53 prior to 15.1X53-D33, 15.1X53-D50"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue only affects devices with BGP enabled."
}
],
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. By continuously sending specially crafted BGP OPEN messages, an attacker can repeatedly crash the rpd process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4; 12.3X48 prior to 12.3X48-D50; 13.3 prior to 13.3R4-S11, 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7; 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D33, 15.1X53-D50."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability, however, this issue has been seen in a production network due to the BGP implementation in a third party device.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "routing protocol daemon (rpd) crash denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10779",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10779"
},
{
"name": "1038889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038889"
}
]
},
"solution": "The following software releases have been updated to resolve this specific issue: Junos 12.3R12-S4, 12.3R13, 12.3R3-S4, 12.3X48-D50, 13.3R10, 13.3R4-S11, 14.1R8-S3, 14.1R9, 14.1X53-D40, 14.1X55-D35, 14.2R4-S7, 14.2R6-S4, 14.2R7, 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4, 15.1X49-D100, 15.1X53-D33, 15.1X53-D50, 16.1R1, 16.2R1 and all subsequent releases.\n\nThis issue is being tracked as PR 1159781 and is visible on the Customer Support website.",
"work_around": [
{
"lang": "en",
"value": "While there is no workaround, the risk associated with this issue can be mitigated by limiting BGP sessions only from trusted peers."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2314",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:25:40.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2335 (GCVE-0-2017-2335)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-16 20:17
VLAI
EPSS
Title
ScreenOS: XSS vulnerability in ScreenOS Firewall
Summary
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Severity
8.4 (High)
CWE
- persistent cross site scripting vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA10782 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1038881 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/99590 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | ScreenOS |
Affected:
6.3.0 prior to 6.3.0r24
|
Date Public
2017-07-12 00:00
Credits
Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.
Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SSG Series"
],
"product": "ScreenOS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "6.3.0 prior to 6.3.0r24"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC."
},
{
"lang": "en",
"value": "Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the \u0027security\u0027 role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "persistent cross site scripting vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-21T19:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "ScreenOS: XSS vulnerability in ScreenOS Firewall",
"workarounds": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2335",
"STATE": "PUBLIC",
"TITLE": "ScreenOS: XSS vulnerability in ScreenOS Firewall"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ScreenOS",
"version": {
"version_data": [
{
"platform": "SSG Series",
"version_value": "6.3.0 prior to 6.3.0r24"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [],
"credit": [
"Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.",
"Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the \u0027security\u0027 role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "persistent cross site scripting vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10782",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99590"
}
]
},
"solution": "ScreenOS has been updated to add checks to prevent scripts in WebUI strings.\n\nThe following software release has been updated to resolve this specific issue: ScreenOS 6.3.0r24, and all subsequent releases.\n\nThis issue is being tracked as PR 1136628 and is visible on the Customer Support website.\n\nKB16765 - \"In which releases are vulnerabilities fixed?\" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies.",
"work_around": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2335",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:17:28.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2336 (GCVE-0-2017-2336)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-16 17:38
VLAI
EPSS
Title
ScreenOS: XSS vulnerability in ScreenOS Firewall
Summary
A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Severity
9.6 (Critical)
CWE
- reflected cross site scripting vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA10782 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1038881 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/99590 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | ScreenOS |
Affected:
6.3.0 prior to 6.3.0r24
|
Date Public
2017-07-12 00:00
Credits
Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.
Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SSG Series"
],
"product": "ScreenOS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "6.3.0 prior to 6.3.0r24"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC."
},
{
"lang": "en",
"value": "Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "reflected cross site scripting vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-21T19:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "ScreenOS: XSS vulnerability in ScreenOS Firewall",
"workarounds": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2336",
"STATE": "PUBLIC",
"TITLE": "ScreenOS: XSS vulnerability in ScreenOS Firewall"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ScreenOS",
"version": {
"version_data": [
{
"platform": "SSG Series",
"version_value": "6.3.0 prior to 6.3.0r24"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [],
"credit": [
"Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.",
"Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "reflected cross site scripting vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10782",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99590"
}
]
},
"solution": "ScreenOS has been updated to add checks to prevent scripts in WebUI strings.\n\nThe following software release has been updated to resolve this specific issue: ScreenOS 6.3.0r24, and all subsequent releases.\n\nThis issue is being tracked as PR 1136628 and is visible on the Customer Support website.\n\nKB16765 - \"In which releases are vulnerabilities fixed?\" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies.",
"work_around": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2336",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:38:40.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2337 (GCVE-0-2017-2337)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-16 20:13
VLAI
EPSS
Title
ScreenOS: XSS vulnerability in ScreenOS Firewall
Summary
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Severity
8.4 (High)
CWE
- persistent cross site scripting vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA10782 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1038881 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/99590 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | ScreenOS |
Affected:
6.3.0 prior to 6.3.0r24
|
Date Public
2017-07-12 00:00
Credits
Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.
Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SSG Series"
],
"product": "ScreenOS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "6.3.0 prior to 6.3.0r24"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC."
},
{
"lang": "en",
"value": "Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the \u0027security\u0027 role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "persistent cross site scripting vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-21T19:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "ScreenOS: XSS vulnerability in ScreenOS Firewall",
"workarounds": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2337",
"STATE": "PUBLIC",
"TITLE": "ScreenOS: XSS vulnerability in ScreenOS Firewall"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ScreenOS",
"version": {
"version_data": [
{
"platform": "SSG Series",
"version_value": "6.3.0 prior to 6.3.0r24"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [],
"credit": [
"Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.",
"Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the \u0027security\u0027 role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "persistent cross site scripting vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10782",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99590"
}
]
},
"solution": "ScreenOS has been updated to add checks to prevent scripts in WebUI strings.\n\nThe following software release has been updated to resolve this specific issue: ScreenOS 6.3.0r24, and all subsequent releases.\n\nThis issue is being tracked as PR 1136628 and is visible on the Customer Support website.\n\nKB16765 - \"In which releases are vulnerabilities fixed?\" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies.",
"work_around": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2337",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:13:15.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2338 (GCVE-0-2017-2338)
Vulnerability from cvelistv5 – Published: 2017-07-14 14:00 – Updated: 2024-09-16 23:41
VLAI
EPSS
Title
ScreenOS: XSS vulnerability in ScreenOS Firewall
Summary
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
Severity
8.4 (High)
CWE
- persistent cross site scripting vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA10782 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1038881 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/99590 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | ScreenOS |
Affected:
6.3.0 prior to 6.3.0r24
|
Date Public
2017-07-12 00:00
Credits
Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.
Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:05.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"SSG Series"
],
"product": "ScreenOS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "affected",
"version": "6.3.0 prior to 6.3.0r24"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC."
},
{
"lang": "en",
"value": "Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
}
],
"datePublic": "2017-07-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the \u0027security\u0027 role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "persistent cross site scripting vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-21T19:57:01.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99590"
}
],
"title": "ScreenOS: XSS vulnerability in ScreenOS Firewall",
"workarounds": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2017-07-12T09:00",
"ID": "CVE-2017-2338",
"STATE": "PUBLIC",
"TITLE": "ScreenOS: XSS vulnerability in ScreenOS Firewall"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ScreenOS",
"version": {
"version_data": [
{
"platform": "SSG Series",
"version_value": "6.3.0 prior to 6.3.0r24"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [],
"credit": [
"Gaku Mochizuki/Toshitsugu Yoneyama from Mitsui Bussan Secure Directions, Inc., for reporting this issue to the JPCERT/CC.",
"Craig Young, Principal Security Researcher, Tripwire VERT, for responsibly reporting this vulnerability."
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the \u0027security\u0027 role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "persistent cross site scripting vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10782",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10782"
},
{
"name": "1038881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038881"
},
{
"name": "99590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99590"
}
]
},
"solution": "ScreenOS has been updated to add checks to prevent scripts in WebUI strings.\n\nThe following software release has been updated to resolve this specific issue: ScreenOS 6.3.0r24, and all subsequent releases.\n\nThis issue is being tracked as PR 1136628 and is visible on the Customer Support website.\n\nKB16765 - \"In which releases are vulnerabilities fixed?\" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies.",
"work_around": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the firewall\u0027s WebUI only from trusted hosts."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2017-2338",
"datePublished": "2017-07-14T14:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:41:11.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…