Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2018-0009
Modified
More InfoOfficial Page
Source-sirt@juniper.net
View Known Exploited Vulnerability (KEV) details
Published At-10 Jan, 2018 | 22:29
Updated At-09 Oct, 2019 | 23:30

On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX series; 12.3X48 versions prior to 12.3X48-D55 on SRX series; 15.1X49 versions prior to 15.1X49-D100 on SRX series.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.9MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Secondary3.05.4MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 3.0
Base score: 5.9
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: Secondary
Version: 3.0
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.1x46
cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx100>>-
cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx110>>-
cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx1400>>-
cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx1500>>-
cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx210>>-
cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx220>>-
cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx240>>-
cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx300>>-
cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx320>>-
cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx340>>-
cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx3400>>-
cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx345>>-
cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx3600>>-
cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx4100>>-
cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx4200>>-
cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx5400>>-
cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx550>>-
cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx5600>>-
cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx5800>>-
cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx650>>-
cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>junos>>12.3x48
cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx100>>-
cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx110>>-
cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx1400>>-
cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx1500>>-
cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx210>>-
cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*
Juniper Networks, Inc.
juniper
>>srx220>>-
cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/102491sirt@juniper.net
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040187sirt@juniper.net
Third Party Advisory
VDB Entry
https://kb.juniper.net/JSA10836sirt@juniper.net
Mitigation
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/102491
Source: sirt@juniper.net
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1040187
Source: sirt@juniper.net
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://kb.juniper.net/JSA10836
Source: sirt@juniper.net
Resource:
Mitigation
Patch
Vendor Advisory
Change History
0Changes found
Details not found