7.5

CVE-2018-0062

A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version12.1x46
JuniperJunos Version12.1x46 Updated10
JuniperJunos Version12.1x46 Updated15
JuniperJunos Version12.1x46 Updated20
JuniperJunos Version12.1x46 Updated25
JuniperJunos Version12.1x46 Updated30
JuniperJunos Version12.1x46 Updated35
JuniperJunos Version12.1x46 Updated40
JuniperJunos Version12.1x46 Updated45
JuniperJunos Version12.1x46 Updated50
JuniperJunos Version12.1x46 Updated55
JuniperJunos Version12.1x46 Updated60
JuniperJunos Version12.1x46 Updated65
JuniperJunos Version12.3
JuniperJunos Version12.3 Updater1
JuniperJunos Version12.3 Updater11
JuniperJunos Version12.3 Updater2
JuniperJunos Version12.3 Updater3
JuniperJunos Version12.3 Updater4
JuniperJunos Version12.3 Updater5
JuniperJunos Version12.3 Updater6
JuniperJunos Version12.3 Updater7
JuniperJunos Version12.3 Updater8
JuniperJunos Version12.3 Updater9
JuniperJunos Version12.3x48
JuniperJunos Version12.3x48 Updated10
JuniperJunos Version12.3x48 Updated15
JuniperJunos Version12.3x48 Updated20
JuniperJunos Version12.3x48 Updated25
JuniperJunos Version12.3x48 Updated30
JuniperJunos Version12.3x48 Updated35
JuniperJunos Version12.3x48 Updated40
JuniperJunos Version12.3x48 Updated45
JuniperJunos Version12.3x48 Updated50
JuniperJunos Version12.3x48 Updated55
JuniperJunos Version12.3x48 Updated60
JuniperJunos Version15.1
JuniperJunos Version15.1 Updatef2
JuniperJunos Version15.1 Updatef3
JuniperJunos Version15.1 Updatef4
JuniperJunos Version15.1 Updatef5
JuniperJunos Version15.1 Updatef6
JuniperJunos Version15.1 Updatef7
JuniperJunos Version15.1 Updater1
JuniperJunos Version15.1 Updater2
JuniperJunos Version15.1 Updater3
JuniperJunos Version15.1 Updater4
JuniperJunos Version15.1 Updater5
JuniperJunos Version15.1 Updater6
JuniperJunos Version15.1x49
JuniperJunos Version15.1x49 Updated10
JuniperJunos Version15.1x49 Updated100
JuniperJunos Version15.1x49 Updated110
JuniperJunos Version15.1x49 Updated20
JuniperJunos Version15.1x49 Updated30
JuniperJunos Version15.1x49 Updated35
JuniperJunos Version15.1x49 Updated40
JuniperJunos Version15.1x49 Updated45
JuniperJunos Version15.1x49 Updated50
JuniperJunos Version15.1x49 Updated55
JuniperJunos Version15.1x49 Updated60
JuniperJunos Version15.1x49 Updated65
JuniperJunos Version15.1x49 Updated70
JuniperJunos Version15.1x49 Updated75
JuniperJunos Version15.1x49 Updated80
JuniperJunos Version15.1x49 Updated90
JuniperJunos Version15.1x53
   JuniperEx2300 Version-
   JuniperEx3400 Version-
JuniperJunos Version15.1x53 Updated50
   JuniperEx2300 Version-
   JuniperEx3400 Version-
JuniperJunos Version15.1x53 Updated51
   JuniperEx2300 Version-
   JuniperEx3400 Version-
JuniperJunos Version15.1x53 Updated52
   JuniperEx2300 Version-
   JuniperEx3400 Version-
JuniperJunos Version15.1x53 Updated55
   JuniperEx2300 Version-
   JuniperEx3400 Version-
JuniperJunos Version15.1x53 Updated57
   JuniperEx2300 Version-
   JuniperEx3400 Version-
JuniperJunos Version15.1x53 Updated58
   JuniperEx2300 Version-
   JuniperEx3400 Version-
JuniperJunos Version15.1x53
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated10
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated20
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated21
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated30
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated32
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated33
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated34
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated50
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated60
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated61
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated62
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated63
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated64
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated65
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53 Updated66
   JuniperQfx10000 Version-
JuniperJunos Version15.1x53
   JuniperQfx5110 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated210
   JuniperQfx5110 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated230
   JuniperQfx5110 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated231
   JuniperQfx5110 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated232
   JuniperQfx5110 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53 Updated30
   JuniperQfx5110 Version-
   JuniperQfx5200 Version-
JuniperJunos Version15.1x53
   JuniperNfx Series Version-
JuniperJunos Version15.1x53 Updated40
   JuniperNfx Series Version-
JuniperJunos Version15.1x53 Updated45
   JuniperNfx Series Version-
JuniperJunos Version15.1x53 Updated495
   JuniperNfx Series Version-
JuniperJunos Version16.1
JuniperJunos Version16.1 Updater1
JuniperJunos Version16.1 Updater2
JuniperJunos Version16.1 Updater3
JuniperJunos Version16.1 Updater4
JuniperJunos Version16.1 Updater5
JuniperJunos Version16.2
JuniperJunos Version16.2 Updater1
JuniperJunos Version16.2 Updater3
JuniperJunos Version17.1
JuniperJunos Version17.1 Updater1
JuniperJunos Version17.1 Updater3
JuniperJunos Version17.2
JuniperJunos Version17.2 Updater1
JuniperJunos Version17.2 Updater2
JuniperJunos Version17.3
JuniperJunos Version17.3 Updater1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.49% 0.626
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
sirt@juniper.net 5.3 3.9 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securitytracker.com/id/1041860
Third Party Advisory
VDB Entry