9.8

CVE-2019-0036

When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version15.1 Update-
JuniperJunos Version15.1 Updatef1
JuniperJunos Version15.1 Updatef2
JuniperJunos Version15.1 Updatef3
JuniperJunos Version15.1 Updatef4
JuniperJunos Version15.1 Updatef5
JuniperJunos Version15.1 Updatef6
JuniperJunos Version15.1 Updater1
JuniperJunos Version15.1 Updater2
JuniperJunos Version15.1 Updater3
JuniperJunos Version15.1 Updater4
JuniperJunos Version15.1 Updater5
JuniperJunos Version15.1 Updater6
JuniperJunos Version15.1f6-s1 Updatef6
JuniperJunos Version15.1f6-s2 Updatef6
JuniperJunos Version15.1f6-s4 Updatef6
JuniperJunos Version15.1f6-s5 Updatef6
JuniperJunos Version15.1f6-s6 Updatef6
JuniperJunos Version15.1f6-s7 Updatef6
JuniperJunos Version15.1f6-s8 Updatef6
JuniperJunos Version15.1f6-s9 Updatef6
JuniperJunos Version15.1f6-s10 Updatef6
JuniperJunos Version15.1f6-s11 Updatef6
JuniperJunos Version15.1x49 Updated10
JuniperJunos Version15.1x49 Updated100
JuniperJunos Version15.1x49 Updated110
JuniperJunos Version15.1x49 Updated120
JuniperJunos Version15.1x49 Updated130
JuniperJunos Version15.1x49 Updated150
JuniperJunos Version15.1x49 Updated20
JuniperJunos Version15.1x49 Updated30
JuniperJunos Version15.1x49 Updated35
JuniperJunos Version15.1x49 Updated40
JuniperJunos Version15.1x49 Updated45
JuniperJunos Version15.1x49 Updated50
JuniperJunos Version15.1x49 Updated55
JuniperJunos Version15.1x49 Updated60
JuniperJunos Version15.1x49 Updated65
JuniperJunos Version15.1x49 Updated70
JuniperJunos Version15.1x49 Updated75
JuniperJunos Version15.1x49 Updated80
JuniperJunos Version15.1x49 Updated90
JuniperJunos Version15.1x53 Updated10
JuniperJunos Version15.1x53 Updated20
JuniperJunos Version15.1x53 Updated21
JuniperJunos Version15.1x53 Updated210
JuniperJunos Version15.1x53 Updated230
JuniperJunos Version15.1x53 Updated231
JuniperJunos Version15.1x53 Updated232
JuniperJunos Version15.1x53 Updated233
JuniperJunos Version15.1x53 Updated25
JuniperJunos Version15.1x53 Updated30
JuniperJunos Version15.1x53 Updated32
JuniperJunos Version15.1x53 Updated33
JuniperJunos Version15.1x53 Updated34
JuniperJunos Version15.1x53 Updated40
JuniperJunos Version15.1x53 Updated45
JuniperJunos Version15.1x53 Updated495
JuniperJunos Version15.1x53 Updated56
JuniperJunos Version15.1x53 Updated60
JuniperJunos Version15.1x53 Updated61
JuniperJunos Version15.1x53 Updated62
JuniperJunos Version15.1x53 Updated63
JuniperJunos Version16.1 Updater1
JuniperJunos Version16.1 Updater2
JuniperJunos Version16.1 Updater3
JuniperJunos Version16.1 Updater4
JuniperJunos Version16.1 Updater5
JuniperJunos Version16.1 Updater6
JuniperJunos Version16.1 Updater7
JuniperJunos Version17.3 Updater1
JuniperJunos Version17.3 Updater2
JuniperJunos Version17.3 Updater3 Edition-
JuniperJunos Version17.3 Updater3-s1
JuniperJunos Version17.3 Updater3-s2
JuniperJunos Version17.3 Updater3-s3
JuniperJunos Version17.2 Updater1
JuniperJunos Version17.2 Updater1-s7
JuniperJunos Version17.2 Updater2
JuniperJunos Version17.2 Updater3
JuniperJunos Version17.4 Updater1
JuniperJunos Version17.4 Updater2
JuniperJunos Version18.1 Updater1
JuniperJunos Version18.1 Updater2
JuniperJunos Version18.2 Updater1 Edition-
JuniperJunos Version18.2 Updater1-s3
JuniperJunos Version18.2 Updater2-s1
JuniperJunos Version18.2 Updater2-s2
JuniperJunos Version18.3 Updater1-s1
JuniperJunos Version18.2x75 Update-
JuniperJunos Version <= 12.3
JuniperJunos Version14.1x53 Update-
JuniperJunos Version14.1x53 Updated10
JuniperJunos Version14.1x53 Updated15
JuniperJunos Version14.1x53 Updated16
JuniperJunos Version14.1x53 Updated25
JuniperJunos Version14.1x53 Updated26
JuniperJunos Version14.1x53 Updated27
JuniperJunos Version14.1x53 Updated30
JuniperJunos Version14.1x53 Updated35
JuniperJunos Version14.1x53 Updated40
JuniperJunos Version14.1x53 Updated42
JuniperJunos Version14.1x53 Updated43
JuniperJunos Version14.1x53 Updated44
JuniperJunos Version14.1x53 Updated45
JuniperJunos Version14.1x53 Updated46
JuniperJunos Version14.1x53 Updated47
JuniperJunos Version14.1x53 Updated48
JuniperJunos Version18.4 Updater1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.26% 0.459
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
sirt@juniper.net 7.2 3.9 2.7
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.