ID

VAR-201810-0073


CVE

CVE-2018-0051


TITLE

Juniper Networks Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013609

DESCRIPTION

A denial-of-service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash the MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with a NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices, which have SIP ALG disabled by default. The status of ALGs on an SRX device can be obtained by executing the command:

show security alg status

Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D70; 15.1X49 versions prior to 15.1X49-D140; 15.1 versions prior to 15.1R4-S9, 15.1R7-S1; 15.1F6; 16.1 versions prior to 16.1R4-S9, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S5, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R2. No other Juniper Networks products or platforms are affected by this issue.

Juniper Networks Junos OS contains an input validation vulnerability. A service operation interruption (DoS) condition is possible. The operating system provides a secure programming interface and Junos SDK. Attackers can exploit this vulnerability to crash the process of MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon. The following releases are affected: Juniper Junos OS Release 12.1X46, Release 12.3X48, Release 15.1, Release 15.1F6, Release 15.1X49, Release 16.1, Release 16.2, Release 17.1, Release 17.2, Release 17.3, Release 17.4

Trust: 1.71

sources: NVD: CVE-2018-0051 // JVNDB: JVNDB-2018-013609 // VULHUB: VHN-118253

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 17.4

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 17.1

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 17.2

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 17.3

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 15.1x49

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 16.2

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 15.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 12.3x48

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 12.1x46

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 16.1

Trust: 1.0

vendor: juniper, model: junos os, scope: eq, version: 15.1r4-s9

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 12.3x48-d70

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.2r1-s6

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 16.1r4-s9

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 15.1x49-d140

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 12.3x48

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 16.2r2-s7

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 17.3

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 15.1r7-s1

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 16.2

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 16.1r6-s1

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.1r2-s7

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 17.4

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 12.1x46-d77

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.1r3

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 17.2

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.4r2

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 16.2r3

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.2r2-s4

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 16.1

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 12.1x46

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.3r2-s2

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 17.1

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 15.1x49

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.3r3

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 16.1r7

Trust: 0.8

vendor: juniper, model: junos os, scope: lt, version: 15.1

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.2r3

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 17.3r1-s5

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 15.1f6

Trust: 0.8

sources: JVNDB: JVNDB-2018-013609 // CNNVD: CNNVD-201810-519 // NVD: CVE-2018-0051

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0051
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2018-0051
value: HIGH

Trust: 1.0

NVD: CVE-2018-0051
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201810-519
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118253
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0051
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118253
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0051
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sirt@juniper.net: CVE-2018-0051
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-118253 // JVNDB: JVNDB-2018-013609 // CNNVD: CNNVD-201810-519 // NVD: CVE-2018-0051 // NVD: CVE-2018-0051

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-118253 // JVNDB: JVNDB-2018-013609 // NVD: CVE-2018-0051

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-519

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201810-519

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013609

PATCH

title: JSA10885, url: https://kb.juniper.net/JSA10885

Trust: 0.8

title: Juniper Junos OS SIP application layer gateway Fixes for component security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86105

Trust: 0.6

sources: JVNDB: JVNDB-2018-013609 // CNNVD: CNNVD-201810-519

EXTERNAL IDS

db: NVD, id: CVE-2018-0051

Trust: 2.5

db: SECTRACK, id: 1041852

Trust: 1.7

db: JUNIPER, id: JSA10885

Trust: 1.7

db: JVNDB, id: JVNDB-2018-013609

Trust: 0.8

db: CNNVD, id: CNNVD-201810-519

Trust: 0.7

db: VULHUB, id: VHN-118253

Trust: 0.1

sources: VULHUB: VHN-118253 // JVNDB: JVNDB-2018-013609 // CNNVD: CNNVD-201810-519 // NVD: CVE-2018-0051

REFERENCES

url:https://kb.juniper.net/jsa10885

Trust: 1.7

url:http://www.securitytracker.com/id/1041852

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0051

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0051

Trust: 0.8

sources: VULHUB: VHN-118253 // JVNDB: JVNDB-2018-013609 // CNNVD: CNNVD-201810-519 // NVD: CVE-2018-0051

SOURCES

db: VULHUB, id: VHN-118253
db: JVNDB, id: JVNDB-2018-013609
db: CNNVD, id: CNNVD-201810-519
db: NVD, id: CVE-2018-0051

LAST UPDATE DATE

2024-11-23T23:02:00.868000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-118253, date: 2019-10-09T00:00:00
db: JVNDB, id: JVNDB-2018-013609, date: 2019-02-26T00:00:00
db: CNNVD, id: CNNVD-201810-519, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2018-0051, date: 2024-11-21T03:37:26.313

SOURCES RELEASE DATE

db: VULHUB, id: VHN-118253, date: 2018-10-10T00:00:00
db: JVNDB, id: JVNDB-2018-013609, date: 2019-02-26T00:00:00
db: CNNVD, id: CNNVD-201810-519, date: 2018-10-11T00:00:00
db: NVD, id: CVE-2018-0051, date: 2018-10-10T18:29:02.313