{"containers": {"cna": {"affected": [{"platforms": ["SRX5000 Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "12.3X48-D85", "status": "affected", "version": "12.3X48", "versionType": "custom"}, {"lessThan": "15.1X49-D180", "status": "affected", "version": "15.1X49", "versionType": "custom"}, {"lessThan": "17.3R3-S7", "status": "affected", "version": "17.3", "versionType": "custom"}, {"lessThan": "17.4R2-S6, 17.4R3", "status": "affected", "version": "17.4", "versionType": "custom"}, {"lessThan": "18.1R3-S8", "status": "affected", "version": "18.1", "versionType": "custom"}, {"lessThan": "18.2R3", "status": "affected", "version": "18.2", "versionType": "custom"}, {"lessThan": "18.3R2", "status": "affected", "version": "18.3", "versionType": "custom"}, {"lessThan": "18.4R2", "status": "affected", "version": "18.4", "versionType": "custom"}, {"lessThan": "19.1R2", "status": "affected", "version": "19.1", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "SSL forward proxy feature must be configured for this issue to occur. For e.g., \n set services ssl proxy"}], "datePublic": "2019-10-09T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-755", "description": "CWE-755 Improper Handling of Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-10-09T19:26:17.000Z", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://kb.juniper.net/JSA10973"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D85, 15.1X49-D180, 17.3R3-S7 (pending), 17.4R2-S6, 17.4R3, 18.1R3-S8 (pending), 18.2R3, 18.3R2, 18.4R2, 19.1R2, 19.2R1, and all subsequent releases."}], "source": {"advisory": "JSA10973", "defect": ["1411110"], "discovery": "USER"}, "title": "SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature.", "workarounds": [{"lang": "en", "value": "There are no viable workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.0.6"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2019-10-09T16:00:00.000Z", "ID": "CVE-2019-0051", "STATE": "PUBLIC", "TITLE": "SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "SRX5000 Series", "version_affected": "<", "version_name": "12.3X48", "version_value": "12.3X48-D85"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "15.1X49", "version_value": "15.1X49-D180"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "17.3", "version_value": "17.3R3-S7"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "17.4", "version_value": "17.4R2-S6, 17.4R3"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "18.1", "version_value": "18.1R3-S8"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "18.2", "version_value": "18.2R3"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "18.3", "version_value": "18.3R2"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "18.4", "version_value": "18.4R2"}, {"platform": "SRX5000 Series", "version_affected": "<", "version_name": "19.1", "version_value": "19.1R2"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "SSL forward proxy feature must be configured for this issue to occur. For e.g., \n set services ssl proxy"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.6"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-755 Improper Handling of Exceptional Conditions"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA10973", "refsource": "MISC", "url": "https://kb.juniper.net/JSA10973"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 12.3X48-D85, 15.1X49-D180, 17.3R3-S7 (pending), 17.4R2-S6, 17.4R3, 18.1R3-S8 (pending), 18.2R3, 18.3R2, 18.4R2, 19.1R2, 19.2R1, and all subsequent releases."}], "source": {"advisory": "JSA10973", "defect": ["1411110"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "There are no viable workarounds for this issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:37:07.361Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://kb.juniper.net/JSA10973"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2019-0051", "datePublished": "2019-10-09T19:26:17.289Z", "dateReserved": "2018-10-11T00:00:00.000Z", "dateUpdated": "2024-09-16T23:06:24.696Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*", "matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*", "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*", "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*", "matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*", "matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*", "matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*", "matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*", "matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*", "matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*", "matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*", "matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*", "matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*", "matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*", "matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*", "matchCriteriaId": "1F87EF0D-E609-4D4A-B228-CEF05C753E68", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.3x48:d80:*:*:*:*:*:*", "matchCriteriaId": "4484081E-E2E9-4858-8960-144D820CF7D4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*", "matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*", "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*", "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*", "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*", "matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*", "matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*", "matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*", "matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*", "matchCriteriaId": "080422D3-B508-4049-B558-4B04BF2E8AB4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*", "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*", "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*", "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*", "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*", "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*", "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*", "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*", "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*", "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*", "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*", "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*", "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*", "matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*", "matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "565AE6D8-28A9-4A62-A886-5BAB954695D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "488BB10A-1360-42E5-A68D-23D51B332850", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "64988F0A-E02C-455B-99C9-4059C896416F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "DC2ACA85-FA89-40F0-A2AD-778E1CB02A91", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "9F431D3D-5D55-45A9-98E8-00CB1D4C0196", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*", "matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "9D8A8E33-473A-4A40-A7B7-47086BB9012A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*", "matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "05060C06-18C1-40E8-AE01-385B036CC9AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "006EE425-A146-4E10-B050-7E754BB8402A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "2B482BCC-1F0C-47AA-B63B-1B39CEF7B2C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s5:*:*:*:*:*:*", "matchCriteriaId": "A636F9F2-2DA7-4A27-AD80-FD1B34DFCA94", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*", "matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", "matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*", "matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "C97683B3-A07B-428F-9535-C49B55305679", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "678F57D1-2595-4AF3-BB87-AF2E1FE3CBB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "7988CE92-71D2-4EEC-B596-4A60E2C1136A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "330D176F-8DAD-440C-A623-44FA233FAB01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*", "matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "74B99981-840F-4DAD-976A-5DAEFE9FB93D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*", "matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*", "matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*", "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*", "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*", "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*", "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2."}, {"lang": "es", "value": "La funcionalidad proxy SSL en dispositivos SRX no puede manejar una limitaci\u00f3n de recursos de hardware que puede ser explotada por servidores SSL/TLS remotos para bloquear el demonio flowd. Los bloqueos repetidos del demonio flowd pueden resultar en una condici\u00f3n de denegaci\u00f3n de servicio extendida. Para que se presente este problema, los clientes protegidos por el dispositivo SRX requieren iniciar una conexi\u00f3n con el servidor malicioso. Este problema afecta: Juniper Networks Junos OS en la serie SRX5000: versiones 12.3X48 anteriores a 12.3X48-D85; versiones 15.1X49 anteriores a 15.1X49-D180; versiones 17.3 anteriores a 17.3R3-S7; versiones 17.4 anteriores a 17.4R2-S6, 17.4R3; versiones 18.1 anteriores a 18.1R3-S8; versiones 18.2 anteriores a 18.2R3; versiones 18.3 anteriores a 18.3R2; versiones 18.4 anteriores a 18.4R2; versiones 19.1 anteriores a 19.1R2."}], "id": "CVE-2019-0051", "lastModified": "2024-11-21T04:16:08.243", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-09T20:15:16.253", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10973"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA10973"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "sirt@juniper.net", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}