CVE-2018-0001 Junos: Unauthenticated Remote Code Execution through J-Web interface

🗓️ 10 Jan 2018 22:00:00Reported by juniperType

Unauthenticated Remote Code Execution in Junos J-We

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the J-Web web interface of the Junos operating system, allowing a hacker to execute arbitrary code	20 Apr 201800:00	–	bdu_fstec
Circl	CVE-2018-0001	23 May 201808:17	–	circl
CISA	Juniper Networks Releases Security Updates	11 Jan 201800:00	–	cisa
CNVD	Juniper Junos Remote Code Execution Vulnerability	17 Jan 201800:00	–	cnvd
CVE	CVE-2018-0001	10 Jan 201822:00	–	cve
EUVD	EUVD-2018-0826	7 Oct 202500:30	–	euvd
Tenable Nessus	Juniper Junos J-Web Interface PHP URL Handling Use-after-free RCE (JSA10828)	26 Jan 201800:00	–	nessus
NVD	CVE-2018-0001	10 Jan 201822:29	–	nvd
Prion	Design/Logic Flaw	10 Jan 201822:29	–	prion

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "12.1X46-D67",
        "status": "affected",
        "version": "12.1X46",
        "versionType": "custom"
      },
      {
        "lessThan": "12.3R12-S5",
        "status": "affected",
        "version": "12.3",
        "versionType": "custom"
      },
      {
        "lessThan": "12.3X48-D35",
        "status": "affected",
        "version": "12.3X48",
        "versionType": "custom"
      },
      {
        "lessThan": "14.1R8-S5, 14.1R9",
        "status": "affected",
        "version": "14.1",
        "versionType": "custom"
      },
      {
        "lessThan": "14.1X53-D44, 14.1X53-D50",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "14.2R7-S7, 14.2R8",
        "status": "affected",
        "version": "14.2",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R3",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X49-D30",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X53-D70",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1040180
securityfocus	www.securityfocus.com/bid/103092
kb	www.kb.juniper.net/JSA10828

22 Feb 2018 10:57Current

9.8High risk

Vulners AI Score9.8

CVSS 39.8

EPSS0.04221