Multiple vulnerabilities in Juniper Junos



Published: 2018-01-10
Risk: Medium
Patch available: YES
Number of vulnerabilities: 4
CVE-ID: CVE-2018-0009, CVE-2018-0008, CVE-2018-0004, CVE-2018-0006
CWE-ID: CWE-264, CWE-400
Exploitation vector: Network
Public exploit: N/A
Vulnerable software
Juniper Junos OS
Operating systems & Components / Operating system

Vendor Juniper Networks, Inc.

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Security restrictions bypass

EUVDB-ID: #VU10148

Risk: Medium

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0009

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper access and privilege controls. A remote attacker can bypass the firewall to access resources on the target network when firewall rules are configured for custom application UUIDs that start with a zero.
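To check whether a device's configuration meets the condition described above, the following added example (not part of the bulletin or of Juniper's advisory) scans `show configuration | display set` output for custom applications whose UUID starts with a zero and lists the security policies that reference them. It assumes the `set applications application <name> [term <term>] uuid <value>` and zone-based `set security policies ... match application <name>` statement forms; the sample configuration and the function name are constructed for illustration.

```python
import re

# Constructed sample of `show configuration | display set` output (not from the bulletin).
SAMPLE_CONFIG = """\
set applications application custom-rpc-a term t1 protocol tcp
set applications application custom-rpc-a term t1 uuid 0a1b2c3d-1111-2222-3333-444455556666
set applications application custom-rpc-b uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2
set security policies from-zone untrust to-zone trust policy allow-rpc-a match application custom-rpc-a
set security policies from-zone untrust to-zone trust policy allow-rpc-b match application custom-rpc-b
set security policies from-zone trust to-zone dmz policy allow-web match application junos-http
"""

# Application-level or term-level UUID definition (assumed statement forms).
APP_UUID = re.compile(
    r"^set applications application (\S+)(?: term \S+)? uuid ([0-9A-Fa-f-]+)\s*$")
# Zone-based policy that matches on a named application.
POLICY_APP = re.compile(
    r"^set security policies from-zone (\S+) to-zone (\S+) "
    r"policy (\S+) match application (\S+)\s*$")


def find_exposed_policies(config_text):
    """Return (zero_uuid_apps, policies) for a display-set configuration.

    zero_uuid_apps maps application name -> UUID for UUIDs starting with '0'.
    policies is a list of (from_zone, to_zone, policy, application) tuples
    that reference one of those applications.
    """
    zero_uuid_apps = {}
    policy_refs = []
    for raw in config_text.splitlines():
        line = raw.strip()
        m = APP_UUID.match(line)
        if m:
            if m.group(2).startswith("0"):
                zero_uuid_apps[m.group(1)] = m.group(2)
            continue
        m = POLICY_APP.match(line)
        if m:
            policy_refs.append(m.groups())
    # Filter after the full pass so statement order in the file does not matter.
    hits = [p for p in policy_refs if p[3] in zero_uuid_apps]
    return zero_uuid_apps, hits


if __name__ == "__main__":
    apps, hits = find_exposed_policies(SAMPLE_CONFIG)
    for fz, tz, pol, app in hits:
        print(f"{fz} -> {tz} policy {pol} uses {app} (uuid {apps[app]})")
```

Applications referenced indirectly through an application-set, or from global policies, are not resolved by this sketch and need a separate check.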

Mitigation

The vulnerability is addressed in the following versions: 12.1X46-D71, 12.3X48-D55, 15.1X49-D100, 17.3R1.

Vulnerable software versions

Juniper Junos OS: 12.1 - 15.2

External links

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10836


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Privilege escalation

EUVDB-ID: #VU10149

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0008

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a physically local attacker to gain elevated privileges on the target system.

The weakness exists due to improper access and privilege controls. A physically local attacker on the console can gain root access without authenticating after an authenticated administrator has run a commit script containing certain instructions and the system reboots into a "safe mode" authentication state.

Mitigation

The vulnerability is addressed in the following versions: 12.1X46-D71, 12.3X48-D55, 14.1R9, 14.1X53-D40, 14.2R7-S9, 14.2R8, 15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6, 15.1X49-D110, 15.1X53-D49, 15.1X53-D470, 15.1X53-D232, 15.1X53-D65, 16.1R2, 16.2R1.

Vulnerable software versions

Juniper Junos OS: 12.1 - 16.1

External links

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10835


Q & A

Can this vulnerability be exploited remotely?

No. The attacker needs physical access to the system in order to successfully exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource exhaustion

EUVDB-ID: #VU10150

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0004

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to improper validation of user-supplied input. A remote attacker can send a sustained sequence of traffic that, when a certain command is issued by the administrator, will consume excessive CPU resources on the target system and cause the forwarding plane and/or control plane to become inaccessible.

Mitigation

The vulnerability is addressed in the following versions: 12.1X46-D50, 12.3R12-S7, 12.3X48-D30, 14.1R8-S4, 14.1R9, 14.1X53-D30, 14.1X53-D34, 14.2R8, 15.1F6, 15.1R3, 15.1X49-D40, 15.1X53-D31, 15.1X53-D33, 15.1X53-D60, 16.1R1.

Vulnerable software versions

Juniper Junos OS: 12.1 - 15.2

External links

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10832


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource exhaustion

EUVDB-ID: #VU10151

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0006

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to cause a DoS condition on the target system.

The weakness exists due to insufficient validation of user-supplied input. An adjacent attacker can send VLAN authentication attempts via the local broadcast domain to consume excessive memory on the target BBE subscriber management daemon (bbe-smgd) and cause denial of service conditions.

Mitigation

The vulnerability is addressed in the following versions: 15.1R6-S2, 15.1R7, 16.1R5-S1, 16.1R6, 16.2R2-S2, 16.2R3, 17.1R2-S5, 17.1R3, 17.2R2, 17.3R1, 17.4R1.

Vulnerable software versions

Juniper Junos OS: 15.1 - 17.3R1

External links

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10834


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


