ID

VAR-201810-0079


CVE

CVE-2018-0057


TITLE

Juniper Networks Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013645

DESCRIPTION

On MX Series and M120/M320 platforms configured in a Broadband Edge (BBE) environment, subscribers logging in with DHCP Option 50 to request a specific IP address will be assigned the requested IP address, even if there is a static MAC to IP address binding in the access profile. In the problem scenario, with a hardware-address and IP address configured under address-assignment pool, if a subscriber logging in with DHCP Option 50, the subscriber will not be assigned an available address from the matched pool, but will still get the requested IP address. A malicious DHCP subscriber may be able to utilize this vulnerability to create duplicate IP address assignments, leading to a denial of service for valid subscribers or unauthorized information disclosure via IP address assignment spoofing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S2, 15.1R8; 16.1 versions prior to 16.1R4-S12, 16.1R7-S2, 16.1R8; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3. Juniper Networks Junos OS Contains an input validation vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. Attackers can exploit this vulnerability to cause denial of service to legitimate subscribers or obtain sensitive information. The following versions based on MX series and M120/M320 platforms are affected: Juniper Junos OS Release 15.1, Release 16.1, Release 16.2, Release 17.1, Release 17.2, Release 17.3, Release 17.4, Release 18.1

Trust: 1.71

sources: NVD: CVE-2018-0057 // JVNDB: JVNDB-2018-013645 // VULHUB: VHN-118259

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:17.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:15.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:16.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:16.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.2

Trust: 1.0

vendor:junipermodel:junos osscope:eqversion:16.1r4-s12

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:16.1r6-s6

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:17.3r2-s4

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:16.2r2-s7

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:18.1

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:17.3

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:15.1r7-s1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:17.1r2-s9

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:16.2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:17.4

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:18.1r2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:17.2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:16.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:17.2r2-s6

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:17.3r3-s1

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:17.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:17.2r1-s7

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:15.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:17.4r1-s5

Trust: 0.8

sources: JVNDB: JVNDB-2018-013645 // NVD: CVE-2018-0057

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0057
value: CRITICAL

Trust: 1.0

sirt@juniper.net: CVE-2018-0057
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0057
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201810-525
value: CRITICAL

Trust: 0.6

VULHUB: VHN-118259
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0057
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118259
severity: MEDIUM
baseScore: 5.5
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0057
baseSeverity: CRITICAL
baseScore: 9.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.1
impactScore: 5.8
version: 3.0

Trust: 1.8

sirt@juniper.net: CVE-2018-0057
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525 // NVD: CVE-2018-0057 // NVD: CVE-2018-0057

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-20

Trust: 0.9

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // NVD: CVE-2018-0057

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-525

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201810-525

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013645

PATCH

title:JSA10892url:https://kb.juniper.net/JSA10892

Trust: 0.8

title:Juniper Junos OS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86111

Trust: 0.6

sources: JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525

EXTERNAL IDS

db:NVDid:CVE-2018-0057

Trust: 2.5

db:JUNIPERid:JSA10892

Trust: 1.7

db:JVNDBid:JVNDB-2018-013645

Trust: 0.8

db:CNNVDid:CNNVD-201810-525

Trust: 0.7

db:VULHUBid:VHN-118259

Trust: 0.1

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525 // NVD: CVE-2018-0057

REFERENCES

url:https://kb.juniper.net/jsa10892

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0057

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0057

Trust: 0.8

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525 // NVD: CVE-2018-0057

SOURCES

db:VULHUBid:VHN-118259
db:JVNDBid:JVNDB-2018-013645
db:CNNVDid:CNNVD-201810-525
db:NVDid:CVE-2018-0057

LAST UPDATE DATE

2024-08-14T14:19:47.781000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-118259date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2018-013645date:2019-02-27T00:00:00
db:CNNVDid:CNNVD-201810-525date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0057date:2019-10-09T23:31:09.567

SOURCES RELEASE DATE

db:VULHUBid:VHN-118259date:2018-10-10T00:00:00
db:JVNDBid:JVNDB-2018-013645date:2019-02-27T00:00:00
db:CNNVDid:CNNVD-201810-525date:2018-10-11T00:00:00
db:NVDid:CVE-2018-0057date:2018-10-10T18:29:02.983