製品・ソフトウェアに関する情報

JVN脆弱性詳細

Juniper Networks Junos OS におけるセキュリティ機能に関する脆弱性

Title	Juniper Networks Junos OS におけるセキュリティ機能に関する脆弱性
Summary	Juniper Networks Junos OS には、セキュリティ機能に関する脆弱性が存在します。
Possible impacts	情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 11, 2018, midnight
Registration Date	June 18, 2018, 12:12 p.m.
Last Update	June 18, 2018, 12:12 p.m.

CVSS3.0 : 重要
Score	7.5
Vector	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2.0 : 危険
Score	8.5
Vector	AV:N/AC:M/Au:S/C:C/I:C/A:C

Affected System

ジュニパーネットワークス

Junos OS 15.1F5-S3 未満の 15.1

Junos OS 15.1F6-S8 未満の 15.1

Junos OS 15.1F7 未満の 15.1

Junos OS 15.1R5 未満の 15.1

Junos OS 15.1X49-D60 未満の 15.1X49

Junos OS 15.1X53-D233 未満の 15.1X53

Junos OS 15.1X53-D471 未満の 15.1X53

Junos OS 15.1X53-D66 未満の 15.1X53

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2018-0016	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0016
National Vulnerability Database (NVD)
2	CVE-2018-0016	https://nvd.nist.gov/vuln/detail/CVE-2018-0016

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-254	https://cwe.mitre.org/data/definitions/254.html

ベンダー情報

No	Name	URL
Security Bulletin
1	JSA10844	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10844&actp=METADATA

Change Log

No	Changed Details	Date of change
1	[2018年06月18日] 掲載	June 18, 2018, 12:12 p.m.

NVD Vulnerability Information

CVE-2018-0016

Summary	Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly configured. Devices with without CLNS enabled are not vulnerable to this issue. Devices with IS-IS configured on the interface are not vulnerable to this issue unless CLNS routing is also enabled. This issue only affects devices running Junos OS 15.1. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 versions prior to 15.1X49-D60; 15.1X53 versions prior to 15.1X53-D66, 15.1X53-D233, 15.1X53-D471. Earlier releases are unaffected by this vulnerability, and the issue has been resolved in Junos OS 16.1R1 and all subsequent releases.
Publication Date	April 12, 2018, 4:29 a.m.
Registration Date	March 1, 2021, 6:35 p.m.
Last Update	Nov. 21, 2024, 12:37 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:juniper:junos:15.1:r3::::::
cpe:2.3:o:juniper:junos:15.1:r2::::::
cpe:2.3:o:juniper:junos:15.1:r4::::::
cpe:2.3:o:juniper:junos:15.1:r1::::::
cpe:2.3:o:juniper:junos:15.1:::::::*
cpe:2.3:o:juniper:junos:15.1f:::::::*
cpe:2.3:o:juniper:junos:15.1f2:::::::*
cpe:2.3:o:juniper:junos:15.1f3:::::::*
cpe:2.3:o:juniper:junos:15.1f4:::::::*
cpe:2.3:o:juniper:junos:15.1f5:::::::*
cpe:2.3:o:juniper:junos:15.1f5:s1::::::
cpe:2.3:o:juniper:junos:15.1f6:s1::::::
cpe:2.3:o:juniper:junos:15.1f6:s2::::::
cpe:2.3:o:juniper:junos:15.1x49:d40::::::
cpe:2.3:o:juniper:junos:15.1x49:d20::::::
cpe:2.3:o:juniper:junos:15.1x49:d45::::::
cpe:2.3:o:juniper:junos:15.1x49:d50::::::
cpe:2.3:o:juniper:junos:15.1x49:d30::::::
cpe:2.3:o:juniper:junos:15.1x49:::::::*
cpe:2.3:o:juniper:junos:15.1x49:d10::::::
cpe:2.3:o:juniper:junos:15.1x49:d55::::::
cpe:2.3:o:juniper:junos:15.1x49:d35::::::
cpe:2.3:o:juniper:junos:15.1x53:d62::::::
cpe:2.3:o:juniper:junos:15.1x53:d10::::::
cpe:2.3:o:juniper:junos:15.1x53:d20::::::
cpe:2.3:o:juniper:junos:15.1x53:d30::::::
cpe:2.3:o:juniper:junos:15.1x53:::::::*
cpe:2.3:o:juniper:junos:15.1x53:d32::::::
cpe:2.3:o:juniper:junos:15.1x53:d57::::::
cpe:2.3:o:juniper:junos:15.1x53:d34::::::
cpe:2.3:o:juniper:junos:15.1x53:d64::::::
cpe:2.3:o:juniper:junos:15.1x53:d21::::::
cpe:2.3:o:juniper:junos:15.1x53:d33::::::
cpe:2.3:o:juniper:junos:15.1x53:d63::::::
cpe:2.3:o:juniper:junos:15.1x53:d61::::::
cpe:2.3:o:juniper:junos:15.1x53:d60::::::
cpe:2.3:o:juniper:junos:15.1x53:d50::::::
cpe:2.3:o:juniper:junos:15.1x53:d51::::::
cpe:2.3:o:juniper:junos:15.1x53:d52::::::
cpe:2.3:o:juniper:junos:15.1x53:d55::::::
cpe:2.3:o:juniper:junos:15.1x53:d65::::::
cpe:2.3:o:juniper:junos:15.1x53:d58::::::
execution environment
1	cpe:2.3:h:juniper:junos:-:::::::*

Related information, measures and tools

No	URL	タグ
1	http://www.securityfocus.com/bid/103747	Third Party Advisory VDB Entry
2	http://www.securityfocus.com/bid/103747	Third Party Advisory VDB Entry
3	http://www.securitytracker.com/id/1040784	Third Party Advisory VDB Entry
4	http://www.securitytracker.com/id/1040784	Third Party Advisory VDB Entry
5	https://kb.juniper.net/JSA10844	Mitigation Vendor Advisory
6	https://kb.juniper.net/JSA10844	Mitigation Vendor Advisory

Common Vulnerabilities List

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:juniper:junos:15.1:r3::::::
cpe:2.3:o:juniper:junos:15.1:r2::::::
cpe:2.3:o:juniper:junos:15.1:r4::::::
cpe:2.3:o:juniper:junos:15.1:r1::::::
cpe:2.3:o:juniper:junos:15.1:::::::*
cpe:2.3:o:juniper:junos:15.1f:::::::*
cpe:2.3:o:juniper:junos:15.1f2:::::::*
cpe:2.3:o:juniper:junos:15.1f3:::::::*
cpe:2.3:o:juniper:junos:15.1f4:::::::*
cpe:2.3:o:juniper:junos:15.1f5:::::::*
cpe:2.3:o:juniper:junos:15.1f5:s1::::::
cpe:2.3:o:juniper:junos:15.1f6:s1::::::
cpe:2.3:o:juniper:junos:15.1f6:s2::::::
cpe:2.3:o:juniper:junos:15.1x49:d40::::::
cpe:2.3:o:juniper:junos:15.1x49:d20::::::
cpe:2.3:o:juniper:junos:15.1x49:d45::::::
cpe:2.3:o:juniper:junos:15.1x49:d50::::::
cpe:2.3:o:juniper:junos:15.1x49:d30::::::
cpe:2.3:o:juniper:junos:15.1x49:::::::*
cpe:2.3:o:juniper:junos:15.1x49:d10::::::
cpe:2.3:o:juniper:junos:15.1x49:d55::::::
cpe:2.3:o:juniper:junos:15.1x49:d35::::::
cpe:2.3:o:juniper:junos:15.1x53:d62::::::
cpe:2.3:o:juniper:junos:15.1x53:d10::::::
cpe:2.3:o:juniper:junos:15.1x53:d20::::::
cpe:2.3:o:juniper:junos:15.1x53:d30::::::
cpe:2.3:o:juniper:junos:15.1x53:::::::*
cpe:2.3:o:juniper:junos:15.1x53:d32::::::
cpe:2.3:o:juniper:junos:15.1x53:d57::::::
cpe:2.3:o:juniper:junos:15.1x53:d34::::::
cpe:2.3:o:juniper:junos:15.1x53:d64::::::
cpe:2.3:o:juniper:junos:15.1x53:d21::::::
cpe:2.3:o:juniper:junos:15.1x53:d33::::::
cpe:2.3:o:juniper:junos:15.1x53:d63::::::
cpe:2.3:o:juniper:junos:15.1x53:d61::::::
cpe:2.3:o:juniper:junos:15.1x53:d60::::::
cpe:2.3:o:juniper:junos:15.1x53:d50::::::
cpe:2.3:o:juniper:junos:15.1x53:d51::::::
cpe:2.3:o:juniper:junos:15.1x53:d52::::::
cpe:2.3:o:juniper:junos:15.1x53:d55::::::
cpe:2.3:o:juniper:junos:15.1x53:d65::::::
cpe:2.3:o:juniper:junos:15.1x53:d58::::::
execution environment
1	cpe:2.3:h:juniper:junos:-:::::::*