Sign-up

ID

VAR-201810-0083


CVE

CVE-2018-0061


TITLE

Juniper Networks Junos OS Vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2018-013643

DESCRIPTION

A denial of service vulnerability in the telnetd service on Junos OS allows remote unauthenticated users to cause high CPU usage which may affect system performance. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D81 on SRX Series; 12.3 versions prior to 12.3R12-S11; 12.3X48 versions prior to 12.3X48-D80 on SRX Series; 15.1 versions prior to 15.1R7; 15.1X49 versions prior to 15.1X49-D150, 15.1X49-D160 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D235 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R4-S12, 16.1R6-S6, 16.1R7; 16.2 versions prior to 16.2R2-S7, 16.2R3; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R2-S6, 17.2R3; 17.2X75 versions prior to 17.2X75-D100; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.2X75 versions prior to 18.2X75-D5. Juniper Networks Junos OS Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Juniper Junos is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause denial-of-service conditions. Juniper Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware systems. The operating system provides a secure programming interface and Junos SDK. telnetd service is one of the remote access service components

Trust: 1.98

sources: NVD: CVE-2018-0061 // JVNDB: JVNDB-2018-013643 // BID: 105727 // VULHUB: VHN-118263

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:18.2x75

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.4

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.3

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.2x75

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:17.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.2

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:16.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1x53

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1x49

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:15.1

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.3

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.1x46

Trust: 1.3

vendor:junipermodel:junosscope:eqversion:12.3x48

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.2

Trust: 1.0

vendor:junipermodel:junos osscope: - version: -

Trust: 0.8

vendor:junipermodel:junos 17.4r1-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.3r2-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.3r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.3r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d70scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 17.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r6-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s9scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 16.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d58scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d57scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d140scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d131scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d130scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d120scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d110scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d100scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d75scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d70scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d66scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d55scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d51scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d77scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d76scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d72scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d71scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d67scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d66scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d65scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d60scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d55scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d51scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d50scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d46scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d37scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d36scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 18.2x75-d5scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.4r2scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.4r1-s5scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.3r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.3r2-s4scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2x75-d100scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.2r2-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junosscope:neversion:17.2

Trust: 0.3

vendor:junipermodel:junos 17.1r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 17.1r2-s9scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r3scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.2r2-s7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r6-s6scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 16.1r4-s12scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d68scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d59scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d495scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x53-d235scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d160scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d150scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 15.1r7scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d80scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.3r12-s11scope:neversion: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d81scope:neversion: -

Trust: 0.3

sources: BID: 105727 // JVNDB: JVNDB-2018-013643 // NVD: CVE-2018-0061

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0061
value: MEDIUM

Trust: 1.0

sirt@juniper.net: CVE-2018-0061
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0061
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201810-529
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118263
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0061
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118263
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0061
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 2.8

sources: VULHUB: VHN-118263 // JVNDB: JVNDB-2018-013643 // CNNVD: CNNVD-201810-529 // NVD: CVE-2018-0061 // NVD: CVE-2018-0061

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-118263 // JVNDB: JVNDB-2018-013643 // NVD: CVE-2018-0061

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-529

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201810-529

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013643

PATCH
title:JSA10896url:https://kb.juniper.net/JSA10896
Trust: 0.8
title:Juniper Junos OS telnetd service Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86115
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-013643 // 
            
            
            
            CNNVD: CNNVD-201810-529

EXTERNAL IDS
db:NVDid:CVE-2018-0061
Trust: 2.8
db:JUNIPERid:JSA10896
Trust: 2.0
db:SECTRACKid:1041859
Trust: 1.7
db:JVNDBid:JVNDB-2018-013643
Trust: 0.8
db:CNNVDid:CNNVD-201810-529
Trust: 0.7
db:BIDid:105727
Trust: 0.3
db:VULHUBid:VHN-118263
Trust: 0.1
sources:
            
            
            VULHUB: VHN-118263 // 
            
            
            
            BID: 105727 // 
            
            
            
            JVNDB: JVNDB-2018-013643 // 
            
            
            
            CNNVD: CNNVD-201810-529 // 
            
            
            
            NVD: CVE-2018-0061

REFERENCES
url:https://kb.juniper.net/jsa10896
Trust: 1.7
url:http://www.securitytracker.com/id/1041859
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0061
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0061
Trust: 0.8
url:http://www.juniper.net/
Trust: 0.3
url:http://www.juniper.net/us/en/products-services/nos/junos/
Trust: 0.3
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10896
Trust: 0.3
sources:
            
            
            VULHUB: VHN-118263 // 
            
            
            
            BID: 105727 // 
            
            
            
            JVNDB: JVNDB-2018-013643 // 
            
            
            
            CNNVD: CNNVD-201810-529 // 
            
            
            
            NVD: CVE-2018-0061

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 105727

SOURCES
db:VULHUBid:VHN-118263
db:BIDid:105727
db:JVNDBid:JVNDB-2018-013643
db:CNNVDid:CNNVD-201810-529
db:NVDid:CVE-2018-0061

LAST UPDATE DATE
2024-08-14T14:51:25.810000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-118263date:2019-10-09T00:00:00
db:BIDid:105727date:2018-10-10T00:00:00
db:JVNDBid:JVNDB-2018-013643date:2019-02-27T00:00:00
db:CNNVDid:CNNVD-201810-529date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0061date:2019-10-09T23:31:10.457

SOURCES RELEASE DATE
db:VULHUBid:VHN-118263date:2018-10-10T00:00:00
db:BIDid:105727date:2018-10-10T00:00:00
db:JVNDBid:JVNDB-2018-013643date:2019-02-27T00:00:00
db:CNNVDid:CNNVD-201810-529date:2018-10-11T00:00:00
db:NVDid:CVE-2018-0061date:2018-10-10T18:29:03.483