CVE-2018-0001

EPSS 4.22%
Published 10.01.2018 22:29:00
Last modified 21.11.2024 03:37:19
Source sirt@juniper.net
Teams watchlist Login
Open Login

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D67; 12.3 versions prior to 12.3R12-S5; 12.3X48 versions prior to 12.3X48-D35; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D44, 14.1X53-D50; 14.2 versions prior to 14.2R7-S7, 14.2R8; 15.1 versions prior to 15.1R3; 15.1X49 versions prior to 15.1X49-D30; 15.1X53 versions prior to 15.1X53-D70.

Affected products Warnungen 0 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Version12.1x46 Updated10

Juniper ≫ Junos Version12.1x46 Updated15

Juniper ≫ Junos Version12.1x46 Updated20

Juniper ≫ Junos Version12.1x46 Updated25

Juniper ≫ Junos Version12.1x46 Updated30

Juniper ≫ Junos Version12.1x46 Updated35

Juniper ≫ Junos Version12.1x46 Updated40

Juniper ≫ Junos Version12.1x46 Updated45

Juniper ≫ Junos Version12.1x46 Updated50

Juniper ≫ Junos Version12.1x46 Updated55

Juniper ≫ Junos Version12.1x46 Updated60

Juniper ≫ Junos Version12.1x46 Updated65

Juniper ≫ Junos Version12.3x48 Updated10

Juniper ≫ Junos Version12.3x48 Updated15

Juniper ≫ Junos Version12.3x48 Updated20

Juniper ≫ Junos Version12.3x48 Updated25

Juniper ≫ Junos Version12.3x48 Updated30

Juniper ≫ Junos Version15.1x49 Updated10

Juniper ≫ Junos Version15.1x49 Updated20

Juniper ≫ Junos Version15.1x49 Updated30

Juniper ≫ Junos Version15.1x53 Updated20

Juniper ≫ Junos Version15.1x53 Updated21

Juniper ≫ Junos Version15.1x53 Updated25

Juniper ≫ Junos Version15.1x53 Updated30

Juniper ≫ Junos Version15.1x53 Updated32

Juniper ≫ Junos Version15.1x53 Updated33

Juniper ≫ Junos Version15.1x53 Updated34

Juniper ≫ Junos Version15.1x53 Updated60

Juniper ≫ Junos Version15.1x53 Updated61

Juniper ≫ Junos Version15.1x53 Updated62

Juniper ≫ Junos Version15.1x53 Updated63

Juniper ≫ Junos Version14.1

Juniper ≫ Junos Version14.1 Updater1

Juniper ≫ Junos Version14.1 Updater2

Juniper ≫ Junos Version14.1 Updater3

Juniper ≫ Junos Version14.1 Updater4

Juniper ≫ Junos Version14.1 Updater8

Juniper ≫ Junos Version14.1 Updater9

Juniper ≫ Junos Version14.2 Updater1

Juniper ≫ Junos Version14.2 Updater2

Juniper ≫ Junos Version14.2 Updater3

Juniper ≫ Junos Version14.2 Updater4

Juniper ≫ Junos Version14.2 Updater5

Juniper ≫ Junos Version14.2 Updater7

Juniper ≫ Junos Version14.2 Updater8

Juniper ≫ Junos Version15.1 Updater1

Juniper ≫ Junos Version15.1 Updater2

Juniper ≫ Junos Version12.3

Juniper ≫ Junos Version12.3 Updater1

Juniper ≫ Junos Version12.3 Updater10

Juniper ≫ Junos Version12.3 Updater2

Juniper ≫ Junos Version12.3 Updater3

Juniper ≫ Junos Version12.3 Updater4

Juniper ≫ Junos Version12.3 Updater5

Juniper ≫ Junos Version12.3 Updater6

Juniper ≫ Junos Version12.3 Updater7

Juniper ≫ Junos Version12.3 Updater8

Juniper ≫ Junos Version12.3 Updater9

Juniper ≫ Junos Version14.1x53

Juniper ≫ Junos Version14.1x53 Updated10

Juniper ≫ Junos Version14.1x53 Updated15

Juniper ≫ Junos Version14.1x53 Updated16

Juniper ≫ Junos Version14.1x53 Updated25

Juniper ≫ Junos Version14.1x53 Updated26

Juniper ≫ Junos Version14.1x53 Updated27

Juniper ≫ Junos Version14.1x53 Updated35

Juniper ≫ Junos Version14.1x53 Updated50

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	4.22%	0.883

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
sirt@juniper.net	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://www.securityfocus.com/bid/103092

http://www.securitytracker.com/id/1040180

Third Party Advisory

VDB Entry

https://kb.juniper.net/JSA10828

Patch

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2018-0001

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-0001

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-0001

EUVD