VYPR
Unrated severityNVD Advisory· Published Oct 10, 2018· Updated Sep 17, 2024

Junos OS: Denial of Service in J-Web

CVE-2018-0062

Description

A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D470, 15.1X53-D495 on NFX Series; 16.1 versions prior to 16.1R6; 16.2 versions prior to 16.2R2-S6, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R2. No other Juniper Networks products or platforms are affected by this issue.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    affects multiple branches: 12.1X46 <12.1X46-D77, 12.3 <12.3R12-S10, 12.3X48 <12.3X48-D60, 15.1 <15.1R7/15.1F6, 15.1X49 <15.1X49-D120, 15.1X53 <15.1X53-D59/EX, <15.1X53-D67/QFX10K, <15.1X53-D234/QFX5200, <15.1X53-D470,-D495/NFX, 16.1 <16.1R6, 16.2 <16.2R2-S6/16.2R3, 17.1 <17.1R2-S6/17.1R3, 17.2 <17.2R3, 17.3 <17.3R2+ 1 more
    • (no CPE)range: affects multiple branches: 12.1X46 <12.1X46-D77, 12.3 <12.3R12-S10, 12.3X48 <12.3X48-D60, 15.1 <15.1R7/15.1F6, 15.1X49 <15.1X49-D120, 15.1X53 <15.1X53-D59/EX, <15.1X53-D67/QFX10K, <15.1X53-D234/QFX5200, <15.1X53-D470,-D495/NFX, 16.1 <16.1R6, 16.2 <16.2R2-S6/16.2R3, 17.1 <17.1R2-S6/17.1R3, 17.2 <17.2R3, 17.3 <17.3R2
    • (no CPE)range: 15.1X53

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.