CVE-2018-0058

{"id": "CVE-2018-0058", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2018-10-10T18:29:03.077", "references": [{"url": "https://kb.juniper.net/JSA10893", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://kb.juniper.net/KB31899", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of Broadband Edge (BBE) client route processing on MX Series subscriber management platforms, introduced by the Tomcat (Next Generation Subscriber Management) functionality in Junos OS 15.1. This issue affects no other platforms or configurations. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S2, 15.1R8 on MX Series; 16.1 versions prior to 16.1R4-S11, 16.1R7-S2, 16.1R8 on MX Series; 16.2 versions prior to 16.2R3 on MX Series; 17.1 versions prior to 17.1R2-S9, 17.1R3 on MX Series; 17.2 versions prior to 17.2R2-S6, 17.2R3 on MX Series; 17.3 versions prior to 17.3R2-S4, 17.3R3-S2, 17.3R4 on MX Series; 17.4 versions prior to 17.4R2 on MX Series; 18.1 versions prior to 18.1R2-S3, 18.1R3 on MX Series; 18.2 versions prior to 18.2R1-S1, 18.2R2 on MX Series."}, {"lang": "es", "value": "La recepci\u00f3n de un paquete de excepci\u00f3n IPv6 especialmente manipulado podr\u00eda desencadenar un cierre inesperado del kernel (vmcore), provocando que el dispositivo se reinicie. El problema es espec\u00edfico al procesamiento de rutas de cliente BBE (Broadband Edge) en las plataformas de gesti\u00f3n de suscriptores de MX Series, introducida por la funcionalidad de Tomcat (Next Generation Subscriber Management) en Junos OS 15.1. El problema no afecta a otras plataformas o configuraciones. Las versiones afectadas de Juniper Networks Junos OS son: 15.1 en versiones anteriores a la 15.1R7-S2, 15.1R8 en MX Series; 16.1 en versiones anteriores a la 16.1R4-S11, 16.1R7-S2, 16.1R8 en MX Series; 16.2 en versiones anteriores a la 16.2R3 en MX Series; 17.1 en versiones anteriores a la 17.1R2-S9, 17.1R3 en MX Series; 17.2 en versiones anteriores a la 17.2R2-S6, 17.2R3 en MX Series; 17.3 en versiones anteriores a la 17.3R2-S4, 17.3R3-S2, 17.3R4 en MX Series; 17.4 en versiones anteriores a la 17.4R2 en MX Series; 18.1 en versiones anteriores a la 18.1R2-S3, 18.1R3 en MX Series; 18.2 en versiones anteriores a la 18.2R1-S1 y 18.2R2 en MX Series."}], "lastModified": "2019-10-09T23:31:09.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD0952C4-FFCC-4A78-ADFC-289BD6E269DB"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD332D86-5DA7-49A4-98C3-E4D946832DC1"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AC40ABB-E364-46C9-A904-C0ED02806250"}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D"}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61"}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836"}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72194CB7-FFDC-4897-9D6E-EA3459DDDEB5"}, {"criteria": "cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92F35C19-5AD2-4F98-8313-2E880714DF3B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:16.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D571B57-4F4C-4232-9D3B-B2F7AAAB220B"}, {"criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6"}, {"criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50B47EC5-0276-4799-B536-12B33B5F003B"}, {"criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64EB45C0-E3BD-4C0D-9E97-1DB726D66401"}, {"criteria": "cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E889BF9C-BDDF-4A6A-97BB-00A097EF6D91"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F69A0E5-B61B-405D-B501-9CB306651CEA"}, {"criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "974B6128-ABD2-4D9C-87A1-5F1740DDCB95"}, {"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBF736F6-ED05-4DC1-96FB-3F35BA5B3EFD"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50C5189D-8414-4239-B07C-6C7833C23AA4"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}