{"containers": {"cna": {"affected": [{"product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"status": "affected", "version": "12.1X46"}, {"status": "affected", "version": "12.3X48"}, {"status": "affected", "version": "12.3"}, {"lessThan": "14.1X53-D130, 14.1X53-D49", "status": "affected", "version": "14.1X53", "versionType": "custom"}, {"lessThan": "15.1F6-S12, 15.1R7-S4", "status": "affected", "version": "15.1", "versionType": "custom"}, {"lessThan": "15.1X49-D161, 15.1X49-D170", "status": "affected", "version": "15.1X49", "versionType": "custom"}, {"lessThan": "15.1X53-D236, 15.1X53-D496, 15.1X53-D69", "status": "affected", "version": "15.1X53", "versionType": "custom"}, {"lessThan": "16.1R7-S4, 16.1R7-S5", "status": "affected", "version": "16.1", "versionType": "custom"}, {"lessThan": "16.2R2-S9", "status": "affected", "version": "16.2", "versionType": "custom"}, {"lessThan": "17.1R3", "status": "affected", "version": "17.1", "versionType": "custom"}, {"lessThan": "17.2R1-S8, 17.2R3-S1", "status": "affected", "version": "17.2", "versionType": "custom"}, {"lessThan": "17.3R3-S4", "status": "affected", "version": "17.3", "versionType": "custom"}, {"lessThan": "17.4R1-S7, 17.4R2-S3", "status": "affected", "version": "17.4", "versionType": "custom"}, {"lessThan": "18.1R2-S4, 18.1R3-S4", "status": "affected", "version": "18.1", "versionType": "custom"}, {"lessThan": "18.2R1-S5, 18.2R2-S1", "status": "affected", "version": "18.2", "versionType": "custom"}, {"lessThan": "18.2X75-D40", "status": "affected", "version": "18.2X75", "versionType": "custom"}, {"lessThan": "18.3R1-S3", "status": "affected", "version": "18.3", "versionType": "custom"}, {"lessThan": "18.4R1-S1, 18.4R1-S2", "status": "affected", "version": "18.4", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "Sample configuration:\n\n term internal-1 {\n from {\n source-address {\n 157.249.32.21/32;\n }\n destination-address {\n 157.249.197.64/30;\n }\n protocol udp;\n destination-port 123;\n }\n then {\n count scan-ad-internal-1;\n accept;\n }\n }"}], "datePublic": "2019-04-10T00:00:00", "descriptions": [{"lang": "en", "value": "When configuring a stateless firewall filter in Junos OS, terms named using the format \"internal-n\" (e.g. \"internal-1\", \"internal-2\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-04-10T20:13:51", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA10925"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D161, 15.1X49-D170, 15.1X53-D236, 15.1X53-D496, 15.1X53-D69, 16.1R7-S4, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S4, 17.4R1-S7, 17.4R2-S3, 18.1R2-S4, 18.1R3-S4, 18.2R1-S5, 18.2R2-S1, 18.2X75-D40, 18.3R1-S3, 18.4R1-S1, 19.1R1, and all subsequent releases.\n\nNote: Fixes are not available for Junos OS 12.1X46, 12.3X48, or 12.3R12 due to the high risk of making changes to earlier releases, and the easily implemented available workaround."}], "source": {"advisory": "JSA10925", "defect": ["1394922"], "discovery": "USER"}, "title": "Junos OS: Firewall filter terms named \"internal-1\" and \"internal-2\" being ignored", "workarounds": [{"lang": "en", "value": "Avoid configuring firewall filter names of the format: internal-n."}], "x_generator": {"engine": "Vulnogram 0.0.6"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2019-04-10T16:00:00.000Z", "ID": "CVE-2019-0036", "STATE": "PUBLIC", "TITLE": "Junos OS: Firewall filter terms named \"internal-1\" and \"internal-2\" being ignored"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"version_affected": "<", "version_name": "14.1X53", "version_value": "14.1X53-D130, 14.1X53-D49"}, {"version_affected": "<", "version_name": "15.1", "version_value": "15.1F6-S12, 15.1R7-S4"}, {"version_affected": "<", "version_name": "15.1X49", "version_value": "15.1X49-D161, 15.1X49-D170"}, {"version_affected": "<", "version_name": "15.1X53", "version_value": "15.1X53-D236, 15.1X53-D496, 15.1X53-D69"}, {"version_affected": "<", "version_name": "16.1", "version_value": "16.1R7-S4, 16.1R7-S5"}, {"version_affected": "<", "version_name": "16.2", "version_value": "16.2R2-S9"}, {"version_affected": "<", "version_name": "17.1", "version_value": "17.1R3"}, {"version_affected": "<", "version_name": "17.2", "version_value": "17.2R1-S8, 17.2R3-S1"}, {"version_affected": "<", "version_name": "17.3", "version_value": "17.3R3-S4"}, {"version_affected": "<", "version_name": "17.4", "version_value": "17.4R1-S7, 17.4R2-S3"}, {"version_affected": "<", "version_name": "18.1", "version_value": "18.1R2-S4, 18.1R3-S4"}, {"version_affected": "<", "version_name": "18.2", "version_value": "18.2R1-S5, 18.2R2-S1"}, {"version_affected": "<", "version_name": "18.2X75", "version_value": "18.2X75-D40"}, {"version_affected": "<", "version_name": "18.3", "version_value": "18.3R1-S3"}, {"version_affected": "<", "version_name": "18.4", "version_value": "18.4R1-S1, 18.4R1-S2"}, {"version_affected": "=", "version_name": "12.1X46", "version_value": "12.1X46"}, {"version_affected": "=", "version_name": "12.3X48", "version_value": "12.3X48"}, {"version_affected": "=", "version_name": "12.3", "version_value": "12.3"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "Sample configuration:\n\n term internal-1 {\n from {\n source-address {\n 157.249.32.21/32;\n }\n destination-address {\n 157.249.197.64/30;\n }\n protocol udp;\n destination-port 123;\n }\n then {\n count scan-ad-internal-1;\n accept;\n }\n }"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When configuring a stateless firewall filter in Junos OS, terms named using the format \"internal-n\" (e.g. \"internal-1\", \"internal-2\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.6"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284 Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA10925", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA10925"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: Junos OS 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D161, 15.1X49-D170, 15.1X53-D236, 15.1X53-D496, 15.1X53-D69, 16.1R7-S4, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.2R3-S1, 17.3R3-S4, 17.4R1-S7, 17.4R2-S3, 18.1R2-S4, 18.1R3-S4, 18.2R1-S5, 18.2R2-S1, 18.2X75-D40, 18.3R1-S3, 18.4R1-S1, 19.1R1, and all subsequent releases.\n\nNote: Fixes are not available for Junos OS 12.1X46, 12.3X48, or 12.3R12 due to the high risk of making changes to earlier releases, and the easily implemented available workaround."}], "source": {"advisory": "JSA10925", "defect": ["1394922"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "Avoid configuring firewall filter names of the format: internal-n."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:37:07.175Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA10925"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2019-0036", "datePublished": "2019-04-10T20:13:51.331942Z", "dateReserved": "2018-10-11T00:00:00", "dateUpdated": "2024-09-16T20:51:51.887Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:-:*:*:*:*:*:*", "matchCriteriaId": "285CD1E5-C6D3-470A-8556-653AFF74D0F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*", "matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*", "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*", "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*", "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*", "matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*", "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*", "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*", "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*", "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*", "matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*", "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s1:f6:*:*:*:*:*:*", "matchCriteriaId": "F13BC7FE-9DE8-424F-B542-11ACAC3FBC06", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s2:f6:*:*:*:*:*:*", "matchCriteriaId": "AD300A7F-356B-4A72-B9BE-92ADFA33EBF8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s4:f6:*:*:*:*:*:*", "matchCriteriaId": "C92BF5DD-0C64-4305-801D-B79F611D3DBE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s5:f6:*:*:*:*:*:*", "matchCriteriaId": "FC6D8CAA-8801-4B51-B0B9-25D5F9338345", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s6:f6:*:*:*:*:*:*", "matchCriteriaId": "FE5829DE-300B-464B-81B1-12808B5AEC56", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s7:f6:*:*:*:*:*:*", "matchCriteriaId": "9594BDF9-1B9A-4843-AED8-B718A34A6C9A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s8:f6:*:*:*:*:*:*", "matchCriteriaId": "8AE62DD4-B904-4FD4-B7FB-6E3384DDBF35", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s9:f6:*:*:*:*:*:*", "matchCriteriaId": "A35CA1B8-5C58-48F9-899F-91C79930AFD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s10:f6:*:*:*:*:*:*", "matchCriteriaId": "025FBD33-6649-403C-822E-3BDA94A20FA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1f6-s11:f6:*:*:*:*:*:*", "matchCriteriaId": "98B0BD67-A60F-40E4-9FF4-DF129ABE1556", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*", "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*", "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*", "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*", "matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*", "matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*", "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*", "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*", "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*", "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d10:*:*:*:*:*:*", "matchCriteriaId": "6E87C765-8D68-404A-AC71-3F22A7260E8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*", "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*", "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*", "matchCriteriaId": "BBD36C0D-0F44-4349-968D-4CD60F281D84", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*", "matchCriteriaId": "3E364FE2-5FB1-4E14-8DF5-CA21F4BFBBC5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*", "matchCriteriaId": "7F22C4C2-20E0-428F-A9BF-37E8BD63A9E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*", "matchCriteriaId": "71334963-7BF1-49DB-84E6-D6F2A927458B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d233:*:*:*:*:*:*", "matchCriteriaId": "E773AA7F-AB97-488A-B73D-682FB5553B31", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*", "matchCriteriaId": "1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*", "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*", "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*", "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*", "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*", "matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*", "matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d495:*:*:*:*:*:*", "matchCriteriaId": "723FD85C-C763-4017-B6BF-0CA707997D2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*", "matchCriteriaId": "3978B35D-5745-47BC-A56F-A0678AB0F3E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*", "matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*", "matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*", "matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*", "matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*", "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*", "matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*", "matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*", "matchCriteriaId": "6D3E38C1-808C-4BD3-993D-F30855F5390F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*", "matchCriteriaId": "72194CB7-FFDC-4897-9D6E-EA3459DDDEB5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*", "matchCriteriaId": "92F35C19-5AD2-4F98-8313-2E880714DF3B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*", "matchCriteriaId": "6B4A4960-0241-4BF4-8857-8B7BE33466B6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*", "matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*", "matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3:-:*:*:*:*:*", "matchCriteriaId": "D1CAEBD2-2E46-44B5-B1D1-1DDBD450FD27", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "565AE6D8-28A9-4A62-A886-5BAB954695D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "488BB10A-1360-42E5-A68D-23D51B332850", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*", "matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "9689695F-53EB-4B35-9072-750E7282B011", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*", "matchCriteriaId": "7D45F2C3-20FF-4A91-A440-E109B3CCE7C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*", "matchCriteriaId": "11E055AC-5626-4EBB-8611-17BB1E8AEF15", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*", "matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", "matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", "matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*", "matchCriteriaId": "90BF177D-A895-4D05-B674-B27420A5DC6B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*", "matchCriteriaId": "EEC6BBCF-6429-4BD8-9728-4A1B0616D7C9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEE60500-EC4A-466A-A0B8-26337AC3CCBB", "versionEndIncluding": "12.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1x53:-:*:*:*:*:*:*", "matchCriteriaId": "6FEF5DD8-B0B2-4ED2-B38F-CE870485AB8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*", "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*", "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*", "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*", "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*", "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*", "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*", "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*", "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*", "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d42:*:*:*:*:*:*", "matchCriteriaId": "39427B97-EB80-46BE-A5D0-90CCEC1DD207", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d43:*:*:*:*:*:*", "matchCriteriaId": "131CBAB6-8222-4CDC-AEC8-8AD1AD507C61", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d44:*:*:*:*:*:*", "matchCriteriaId": "81BEA7EA-FF95-425B-9245-21927E1F30C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*", "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*", "matchCriteriaId": "9A3CB6CF-A22B-43F8-8E92-6268BBF7E644", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d47:*:*:*:*:*:*", "matchCriteriaId": "E77B6650-6316-41D1-9EA3-4429DD972628", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:14.1x53:d48:*:*:*:*:*:*", "matchCriteriaId": "E03E379C-BC08-4FB7-9C01-41F75DFD281F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*", "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When configuring a stateless firewall filter in Junos OS, terms named using the format \"internal-n\" (e.g. \"internal-1\", \"internal-2\", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D161, 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4; 18.2 versions prior to 18.2R1-S5, 18.2R2-S1; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3; 18.4 versions prior to 18.4R1-S1, 18.4R1-S2."}, {"lang": "es", "value": "Cuando se configura un filtro de cortafuegos sin estado en Junos OS, los t\u00e9rminos nombrados con el formato \"internal-n\" (por ejemplo, \"internal-1\", \"internal-2\", etc.) se ignoran en silencio. No se emite ninguna advertencia durante la configuraci\u00f3n, y la configuraci\u00f3n se realiza sin errores, pero los criterios de filtrado coincidir\u00e1n con todos los paquetes, lo que dar\u00e1 lugar a resultados inesperados. Las versiones afectadas de Juniper Networks Junos OS son: todas las versiones anteriores e incluyendo 12.3; 14.1X53 versiones anteriores a 14.1X53-D130, 14.1X53-D49; 15.1 versiones anteriores a 15.1F6-S12, 15.1R7-S4; 15.1X49 versiones anteriores a 15.1X49-D161, 15.1X49-D170; 15.1X53 versiones anteriores a 15.1X53-D236, 15.1X53-D496, 15.1X53-D69; 16.1 versiones anteriores a 16.1R7-S4, 16.1R7-S5; 16.2 versiones anteriores a 16.2R2-S9; 17.1 versiones anteriores a 17.1R3; 17.2 versiones anteriores a 17.2R1-S8, 17.2R3-S1; 17.3 versiones anteriores a 17.3R3-S4; 17.4 versiones anteriores a 17.4R1-S7, 17.4R2-S3; 18.1 versiones anteriores a 18.1R2-S4, 18.1R3-S4; 18.2 versiones anteriores a 18.2R1-S5, 18.2R2-S1; 18.2X75 versiones anteriores a 18.2X75-D40; 18.3 versiones anteriores a 18.3R1-S3; 18.4 versiones anteriores a 18.4R1-S1, 18.4R1-S2."}], "id": "CVE-2019-0036", "lastModified": "2024-11-21T04:16:05.940", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 2.7, "source": "sirt@juniper.net", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-10T20:29:00.757", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10925"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10925"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "sirt@juniper.net", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}