9.8

CVE-2018-0001

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D67; 12.3 versions prior to 12.3R12-S5; 12.3X48 versions prior to 12.3X48-D35; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D44, 14.1X53-D50; 14.2 versions prior to 14.2R7-S7, 14.2R8; 15.1 versions prior to 15.1R3; 15.1X49 versions prior to 15.1X49-D30; 15.1X53 versions prior to 15.1X53-D70.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
JuniperJunos Version12.1x46 Updated10
JuniperJunos Version12.1x46 Updated15
JuniperJunos Version12.1x46 Updated20
JuniperJunos Version12.1x46 Updated25
JuniperJunos Version12.1x46 Updated30
JuniperJunos Version12.1x46 Updated35
JuniperJunos Version12.1x46 Updated40
JuniperJunos Version12.1x46 Updated45
JuniperJunos Version12.1x46 Updated50
JuniperJunos Version12.1x46 Updated55
JuniperJunos Version12.1x46 Updated60
JuniperJunos Version12.1x46 Updated65
JuniperJunos Version12.3x48 Updated10
JuniperJunos Version12.3x48 Updated15
JuniperJunos Version12.3x48 Updated20
JuniperJunos Version12.3x48 Updated25
JuniperJunos Version12.3x48 Updated30
JuniperJunos Version15.1x49 Updated10
JuniperJunos Version15.1x49 Updated20
JuniperJunos Version15.1x49 Updated30
JuniperJunos Version15.1x53 Updated20
JuniperJunos Version15.1x53 Updated21
JuniperJunos Version15.1x53 Updated25
JuniperJunos Version15.1x53 Updated30
JuniperJunos Version15.1x53 Updated32
JuniperJunos Version15.1x53 Updated33
JuniperJunos Version15.1x53 Updated34
JuniperJunos Version15.1x53 Updated60
JuniperJunos Version15.1x53 Updated61
JuniperJunos Version15.1x53 Updated62
JuniperJunos Version15.1x53 Updated63
JuniperJunos Version14.1
JuniperJunos Version14.1 Updater1
JuniperJunos Version14.1 Updater2
JuniperJunos Version14.1 Updater3
JuniperJunos Version14.1 Updater4
JuniperJunos Version14.1 Updater8
JuniperJunos Version14.1 Updater9
JuniperJunos Version14.2 Updater1
JuniperJunos Version14.2 Updater2
JuniperJunos Version14.2 Updater3
JuniperJunos Version14.2 Updater4
JuniperJunos Version14.2 Updater5
JuniperJunos Version14.2 Updater7
JuniperJunos Version14.2 Updater8
JuniperJunos Version15.1 Updater1
JuniperJunos Version15.1 Updater2
JuniperJunos Version12.3
JuniperJunos Version12.3 Updater1
JuniperJunos Version12.3 Updater10
JuniperJunos Version12.3 Updater2
JuniperJunos Version12.3 Updater3
JuniperJunos Version12.3 Updater4
JuniperJunos Version12.3 Updater5
JuniperJunos Version12.3 Updater6
JuniperJunos Version12.3 Updater7
JuniperJunos Version12.3 Updater8
JuniperJunos Version12.3 Updater9
JuniperJunos Version14.1x53
JuniperJunos Version14.1x53 Updated10
JuniperJunos Version14.1x53 Updated15
JuniperJunos Version14.1x53 Updated16
JuniperJunos Version14.1x53 Updated25
JuniperJunos Version14.1x53 Updated26
JuniperJunos Version14.1x53 Updated27
JuniperJunos Version14.1x53 Updated35
JuniperJunos Version14.1x53 Updated50
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.22% 0.883
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
sirt@juniper.net 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://www.securitytracker.com/id/1040180
Third Party Advisory
VDB Entry
https://kb.juniper.net/JSA10828
Patch
Vendor Advisory
Mitigation