{"containers": {"cna": {"affected": [{"platforms": ["SRX Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "12.3X48-D75", "status": "affected", "version": "12.3X48", "versionType": "custom"}, {"lessThan": "15.1X49-D150", "status": "affected", "version": "15.1X49", "versionType": "custom"}, {"lessThan": "17.3R3", "status": "affected", "version": "17.3", "versionType": "custom"}, {"lessThan": "17.4R2", "status": "affected", "version": "17.4", "versionType": "custom"}, {"lessThan": "18.1R3", "status": "affected", "version": "18.1", "versionType": "custom"}, {"lessThan": "18.2R2", "status": "affected", "version": "18.2", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "Sample configuration:\n\n user@host# show security dynamic-vpn\n access-profile dyn-vpn-access-profile;\n clients {\n \tgrp {\n \t\tuser {\n \t\t\tclient1;\n \t\t}\n \t}\n }"}], "datePublic": "2019-01-09T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Unauthorized access", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-01-23T10:57:01", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"name": "106668", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/106668"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10915"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 12.3X48-D75, 15.1X49-D150, 17.3R3, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases."}], "source": {"advisory": "JSA10915", "defect": ["1360111", "1350867"], "discovery": "USER"}, "title": "Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot", "workarounds": [{"lang": "en", "value": "There are no viable workarounds for this issue."}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2019-01-09T17:00:00.000Z", "ID": "CVE-2019-0015", "STATE": "PUBLIC", "TITLE": "Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"affected": "<", "platform": "SRX Series", "version_affected": "<", "version_name": "12.3X48", "version_value": "12.3X48-D75"}, {"affected": "<", "platform": "SRX Series", "version_affected": "<", "version_name": "15.1X49", "version_value": "15.1X49-D150"}, {"affected": "<", "platform": "SRX Series", "version_affected": "<", "version_name": "17.3", "version_value": "17.3R3"}, {"affected": "<", "platform": "SRX Series", "version_affected": "<", "version_name": "17.4", "version_value": "17.4R2"}, {"affected": "<", "platform": "SRX Series", "version_affected": "<", "version_name": "18.1", "version_value": "18.1R3"}, {"affected": "<", "platform": "SRX Series", "version_affected": "<", "version_name": "18.2", "version_value": "18.2R2"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "Sample configuration:\n\n user@host# show security dynamic-vpn\n access-profile dyn-vpn-access-profile;\n clients {\n \tgrp {\n \t\tuser {\n \t\t\tclient1;\n \t\t}\n \t}\n }"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Unauthorized access"}]}]}, "references": {"reference_data": [{"name": "106668", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106668"}, {"name": "https://kb.juniper.net/JSA10915", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10915"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 12.3X48-D75, 15.1X49-D150, 17.3R3, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases."}], "source": {"advisory": "JSA10915", "defect": ["1360111", "1350867"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "There are no viable workarounds for this issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:37:07.150Z"}, "title": "CVE Program Container", "references": [{"name": "106668", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/106668"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA10915"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2019-0015", "datePublished": "2019-01-15T21:00:00Z", "dateReserved": "2018-10-11T00:00:00", "dateUpdated": "2024-09-16T19:20:13.135Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*", "matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*", "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d100:*:*:*:*:*:*", "matchCriteriaId": "40FCCE73-C94E-4A0B-B056-8D323C64B425", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*", "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*", "matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*", "matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*", "matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*", "matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*", "matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*", "matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*", "matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*", "matchCriteriaId": "64A0CCD4-91BA-440E-A14C-48E67D1F03A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*", "matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*", "matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*", "matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d66:*:*:*:*:*:*", "matchCriteriaId": "6A793CCD-397E-45DA-9349-D01C69AB96D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*", "matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*", "matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*", "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*", "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*", "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*", "matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d131:*:*:*:*:*:*", "matchCriteriaId": "40D42ACF-860C-4B47-8E25-7DEC30FB8064", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*", "matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*", "matchCriteriaId": "C8C94365-988C-4A14-8E49-846152FDC666", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d25:*:*:*:*:*:*", "matchCriteriaId": "6825F6BA-B48F-4E02-938F-6B297E21BA07", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*", "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*", "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*", "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*", "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*", "matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*", "matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "C52E355B-DA7D-4FDE-B2D7-A3C3C9C99918", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "267A3603-BC18-442E-803A-4CAEB6493433", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*", "matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "BCA2976C-C84B-40D9-A806-588629BFFB13", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "A2C7B980-033E-40AC-98C9-B252733B0F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s5:*:*:*:*:*:*", "matchCriteriaId": "BA8D32E4-1892-46DC-9782-5466A14E18D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*", "matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "DF3F9F86-166F-45E4-92B7-3DD3B06199F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "204FC7B5-9CF2-4AC2-9B8D-DA48CAEA6496", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "9D8A8E33-473A-4A40-A7B7-47086BB9012A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*", "matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r:*:*:*:*:*:*", "matchCriteriaId": "2D24FDED-D8BE-4C7E-8F0E-91901FC66A84", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", "matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", "matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*", "matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r:*:*:*:*:*:*", "matchCriteriaId": "9359A058-6B77-4DEE-B28A-D5CD906EBAFF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*", "matchCriteriaId": "167EEC4F-729E-47C2-B0F8-E8108CE3E985", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*", "matchCriteriaId": "90BF177D-A895-4D05-B674-B27420A5DC6B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "0070B31B-59DC-46E9-93E0-1E8BF3560BFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "42203801-E2E7-4DCF-ABBB-D23A91B2A9FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", "matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."}, {"lang": "es", "value": "Una vulnerabilidad en el Service Gateway de la serie SRX permite que los usuarios VPN din\u00e1micos eliminados establezcan conexiones VPN din\u00e1micas hasta que se reinicie el dispositivo. Se deber\u00eda prohibir que una conexi\u00f3n VPN din\u00e1mica eliminada establezca nuevas conexiones VPN. Debido a un error en el cacheo de tokens, los usuarios eliminados pueden conectarse una vez se establezca una conexi\u00f3n VPN din\u00e1mica previamente exitosa. Se requiere un reinicio para limpiar el token de autenticaci\u00f3n en cach\u00e9. Las versiones afectadas son Juniper Networks SRX Series: 12.3X48 en versiones anteriores a la 12.3X48-D75; 15.1X49 en versiones anteriores a la 15.1X49-D150; 17.3 en versiones anteriores a la 17.3R3; 17.4 en versiones anteriores a la 17.4R2; 18.1 en versiones anteriores a la 18.1R3; 18.2 en versiones anteriores a la 18.2R2."}], "id": "CVE-2019-0015", "lastModified": "2024-11-21T04:16:03.273", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "sirt@juniper.net", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-15T21:29:01.417", "references": [{"source": "sirt@juniper.net", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106668"}, {"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10915"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106668"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10915"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}