{"containers": {"cna": {"affected": [{"product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5", "status": "affected", "version": "15.1", "versionType": "custom"}, {"lessThan": "15.1X49-D60", "status": "affected", "version": "15.1X49", "versionType": "custom"}, {"lessThan": "15.1X53-D66, 15.1X53-D233, 15.1X53-D471", "status": "affected", "version": "15.1X53", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "The following configuration is required:\n set protocols isis clns-routing"}], "datePublic": "2018-04-11T00:00:00", "descriptions": [{"lang": "en", "value": "Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly configured. Devices with without CLNS enabled are not vulnerable to this issue. Devices with IS-IS configured on the interface are not vulnerable to this issue unless CLNS routing is also enabled. This issue only affects devices running Junos OS 15.1. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 versions prior to 15.1X49-D60; 15.1X53 versions prior to 15.1X53-D66, 15.1X53-D233, 15.1X53-D471. Earlier releases are unaffected by this vulnerability, and the issue has been resolved in Junos OS 16.1R1 and all subsequent releases."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-05-05T09:57:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"name": "103747", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103747"}, {"name": "1040784", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040784"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10844"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5, 15.1X49-D60, 15.1X53-D66, 15.1X53-D233, 15.1X53-D471, 16.1R1, and all subsequent releases."}], "source": {"advisory": "JSA10844", "defect": ["1167683"], "discovery": "INTERNAL"}, "title": "Junos OS: Kernel crash upon receipt of crafted CLNP datagrams", "workarounds": [{"lang": "en", "value": "Use access lists or firewall filters to limit access to the device via CLNP only from trusted hosts."}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2018-04-11T16:00:00.000Z", "ID": "CVE-2018-0016", "STATE": "PUBLIC", "TITLE": "Junos OS: Kernel crash upon receipt of crafted CLNP datagrams"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_name": "15.1", "version_value": "15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5"}, {"affected": "<", "version_affected": "<", "version_name": "15.1X49", "version_value": "15.1X49-D60"}, {"affected": "<", "version_affected": "<", "version_name": "15.1X53", "version_value": "15.1X53-D66, 15.1X53-D233, 15.1X53-D471"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "The following configuration is required:\n set protocols isis clns-routing"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly configured. Devices with without CLNS enabled are not vulnerable to this issue. Devices with IS-IS configured on the interface are not vulnerable to this issue unless CLNS routing is also enabled. This issue only affects devices running Junos OS 15.1. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 versions prior to 15.1X49-D60; 15.1X53 versions prior to 15.1X53-D66, 15.1X53-D233, 15.1X53-D471. Earlier releases are unaffected by this vulnerability, and the issue has been resolved in Junos OS 16.1R1 and all subsequent releases."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "103747", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103747"}, {"name": "1040784", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040784"}, {"name": "https://kb.juniper.net/JSA10844", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10844"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5, 15.1X49-D60, 15.1X53-D66, 15.1X53-D233, 15.1X53-D471, 16.1R1, and all subsequent releases."}], "source": {"advisory": "JSA10844", "defect": ["1167683"], "discovery": "INTERNAL"}, "work_around": [{"lang": "en", "value": "Use access lists or firewall filters to limit access to the device via CLNP only from trusted hosts."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:14:16.221Z"}, "title": "CVE Program Container", "references": [{"name": "103747", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/103747"}, {"name": "1040784", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1040784"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA10844"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2018-0016", "datePublished": "2018-04-11T19:00:00Z", "dateReserved": "2017-11-16T00:00:00", "dateUpdated": "2024-09-17T00:00:58.997Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*", "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*", "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*", "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f:*:*:*:*:*:*:*", "matchCriteriaId": "99A79967-FBAD-4205-AF27-A64C2AA34E86", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f2:*:*:*:*:*:*:*", "matchCriteriaId": "F340A343-BEAB-42E9-A627-5BCD4B82427E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f3:*:*:*:*:*:*:*", "matchCriteriaId": "027BAB70-7DB8-4642-8B6B-F7C3DF9149DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f4:*:*:*:*:*:*:*", "matchCriteriaId": "9DA6701B-90D2-4286-8414-96E45B37364A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f5:*:*:*:*:*:*:*", "matchCriteriaId": "B4409D08-E682-4D5C-8A23-3F173F88BEF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f5:s1:*:*:*:*:*:*", "matchCriteriaId": "795DE6D9-86ED-46DE-8496-024494B74C79", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6:s1:*:*:*:*:*:*", "matchCriteriaId": "CD8A323E-64CE-46BE-AFF6-5F11ACB5A40B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6:s2:*:*:*:*:*:*", "matchCriteriaId": "83773828-2475-4A65-ACDE-B6AD2588AB8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:*:*:*:*:*:*:*", "matchCriteriaId": "B71FB14A-67D4-4EDD-BB32-07764F5AFA6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*", "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*", "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*", "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*", "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*", "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*", "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*", "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*", "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d51:*:*:*:*:*:*", "matchCriteriaId": "AFB887FD-D3FB-439F-9A89-CC367A74DB00", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d52:*:*:*:*:*:*", "matchCriteriaId": "BDA46912-D173-49C5-A0A1-64BD0889D3A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d55:*:*:*:*:*:*", "matchCriteriaId": "3BEE4EE4-18D9-4FA9-9A02-917240B851AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d57:*:*:*:*:*:*", "matchCriteriaId": "188FED65-8A81-4BB0-B10B-8CA17B4F71CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d58:*:*:*:*:*:*", "matchCriteriaId": "9F03E847-748B-43BD-B6C1-BFDECE99BC3C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*", "matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*", "matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*", "matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*", "matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*", "matchCriteriaId": "395CC50B-9042-4B12-9A1C-A8D5D571DC25", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*", "matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:junos:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EA2466C-D443-4A63-AA4F-1AE4EE5DA02A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly configured. Devices with without CLNS enabled are not vulnerable to this issue. Devices with IS-IS configured on the interface are not vulnerable to this issue unless CLNS routing is also enabled. This issue only affects devices running Junos OS 15.1. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 versions prior to 15.1X49-D60; 15.1X53 versions prior to 15.1X53-D66, 15.1X53-D233, 15.1X53-D471. Earlier releases are unaffected by this vulnerability, and the issue has been resolved in Junos OS 16.1R1 and all subsequent releases."}, {"lang": "es", "value": "La recepci\u00f3n de un datagrama CLNP (Connectionless Network Protocol) destinado a la interfaz de un dispositivo Junos OS puede resultar en un cierre inesperado del kernel o conducir a la ejecuci\u00f3n remota de c\u00f3digo. Los dispositivos solo son vulnerables al datagrama CLNP especialmente manipulado si 'clns-routing' o ES-IS est\u00e1n expl\u00edcitamente configurados. Los dispositivos sin CLNS habilitado no son vulnerables a este problema. Los dispositivos con IS-IS configurado en la interfaz no son vulnerables, a no ser que el enrutamiento CLNS est\u00e9 tambi\u00e9n habilitado. Este problema solo afecta a dispositivos que ejecutan Junos OS 15.1. Las versiones afectadas son Juniper Networks Junos OS: 15.1 en versiones anteriores a la 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 en versiones anteriores a la15.1X49-D60; 15.1X53 en versiones anteriores a la 15.1X53-D66, 15.1X53-D233 y 15.1X53-D471. Los lanzamientos anteriores no se han visto afectados por esta vulnerabilidad; el problema se ha resuelto en Junos OS 16.1R1 y en todas las versiones posteriores."}], "id": "CVE-2018-0016", "lastModified": "2024-11-21T03:37:21.847", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "sirt@juniper.net", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-11T19:29:00.277", "references": [{"source": "sirt@juniper.net", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103747"}, {"source": "sirt@juniper.net", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040784"}, {"source": "sirt@juniper.net", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://kb.juniper.net/JSA10844"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103747"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040784"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://kb.juniper.net/JSA10844"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}