Details of VAR-201810-0079

ID

VAR-201810-0079

CVE

CVE-2018-0057

TITLE

Juniper Networks Junos OS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013645

DESCRIPTION

On MX Series and M120/M320 platforms configured in a Broadband Edge (BBE) environment, subscribers logging in with DHCP Option 50 to request a specific IP address will be assigned the requested IP address, even if there is a static MAC to IP address binding in the access profile. In the problem scenario, with a hardware-address and IP address configured under address-assignment pool, if a subscriber logging in with DHCP Option 50, the subscriber will not be assigned an available address from the matched pool, but will still get the requested IP address. A malicious DHCP subscriber may be able to utilize this vulnerability to create duplicate IP address assignments, leading to a denial of service for valid subscribers or unauthorized information disclosure via IP address assignment spoofing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S2, 15.1R8; 16.1 versions prior to 16.1R4-S12, 16.1R7-S2, 16.1R8; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3. Juniper Networks Junos OS Contains an input validation vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. Attackers can exploit this vulnerability to cause denial of service to legitimate subscribers or obtain sensitive information. The following versions based on MX series and M120/M320 platforms are affected: Juniper Junos OS Release 15.1, Release 16.1, Release 16.2, Release 17.1, Release 17.2, Release 17.3, Release 17.4, Release 18.1

Trust: 1.71

sources: NVD: CVE-2018-0057 // JVNDB: JVNDB-2018-013645 // VULHUB: VHN-118259

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	17.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	15.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	16.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	16.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.2	Trust: 1.0
vendor:	juniper	model:	junos os	scope:	eq	version:	16.1r4-s12	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	16.1r6-s6	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	17.3r2-s4	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	16.2r2-s7	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	18.1	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	17.3	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	15.1r7-s1	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	17.1r2-s9	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	16.2	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	17.4	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	18.1r2	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	17.2	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	16.1	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	17.2r2-s6	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	17.3r3-s1	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	17.1	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	17.2r1-s7	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	lt	version:	15.1	Trust: 0.8
vendor:	juniper	model:	junos os	scope:	eq	version:	17.4r1-s5	Trust: 0.8

sources: JVNDB: JVNDB-2018-013645 // NVD: CVE-2018-0057

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0057
value:	CRITICAL
Trust: 1.0
sirt@juniper.net:	CVE-2018-0057
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-0057
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201810-525
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-118259
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0057
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-118259
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0057
baseSeverity:	CRITICAL
baseScore:	9.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.1
impactScore:	5.8
version:	3.0
Trust: 1.8
sirt@juniper.net:	CVE-2018-0057
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525 // NVD: CVE-2018-0057 // NVD: CVE-2018-0057

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // NVD: CVE-2018-0057

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-525

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201810-525

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013645

PATCH

title:	JSA10892	url:	https://kb.juniper.net/JSA10892	Trust: 0.8
title:	Juniper Junos OS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86111	Trust: 0.6

sources: JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0057	Trust: 2.5
db:	JUNIPER	id:	JSA10892	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-013645	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-525	Trust: 0.7
db:	VULHUB	id:	VHN-118259	Trust: 0.1

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525 // NVD: CVE-2018-0057

REFERENCES

url:	https://kb.juniper.net/jsa10892	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0057	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0057	Trust: 0.8

sources: VULHUB: VHN-118259 // JVNDB: JVNDB-2018-013645 // CNNVD: CNNVD-201810-525 // NVD: CVE-2018-0057

SOURCES

db:	VULHUB	id:	VHN-118259
db:	JVNDB	id:	JVNDB-2018-013645
db:	CNNVD	id:	CNNVD-201810-525
db:	NVD	id:	CVE-2018-0057

LAST UPDATE DATE

2024-08-14T14:19:47.781000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118259	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2018-013645	date:	2019-02-27T00:00:00
db:	CNNVD	id:	CNNVD-201810-525	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0057	date:	2019-10-09T23:31:09.567

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118259	date:	2018-10-10T00:00:00
db:	JVNDB	id:	JVNDB-2018-013645	date:	2019-02-27T00:00:00
db:	CNNVD	id:	CNNVD-201810-525	date:	2018-10-11T00:00:00
db:	NVD	id:	CVE-2018-0057	date:	2018-10-10T18:29:02.983