Vulnerability-Lookup

CVE-2012-6151 (GCVE-0-2012-6151)

Vulnerability from cvelistv5 – Published: 2013-12-13 17:00 – Updated: 2024-08-06 21:28

Summary

Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

15 references

URL	Tags
http://www.securityfocus.com/bid/64048	vdb-entryx_refsource_BID
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
https://support.apple.com/HT205375	x_refsource_CONFIRM
http://sourceforge.net/p/net-snmp/bugs/2411/	x_refsource_MISC
https://rhn.redhat.com/errata/RHSA-2014-0322.html	vendor-advisoryx_refsource_REDHAT
http://seclists.org/oss-sec/2013/q4/415	mailing-listx_refsource_MLIST
http://seclists.org/oss-sec/2013/q4/398	mailing-listx_refsource_MLIST
http://www.ubuntu.com/usn/USN-2166-1	vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/59974	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/57870	third-party-advisoryx_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-20140…	vendor-advisoryx_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
http://secunia.com/advisories/55804	third-party-advisoryx_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=1038007	x_refsource_CONFIRM

Date Public ?

2012-09-05 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:28:39.728Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "64048",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64048"
          },
          {
            "name": "APPLE-SA-2015-10-21-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205375"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/p/net-snmp/bugs/2411/"
          },
          {
            "name": "RHSA-2014:0322",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2014-0322.html"
          },
          {
            "name": "[oss-security] 20131202 Re: SNMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2013/q4/415"
          },
          {
            "name": "[oss-security] 20131202 NMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2013/q4/398"
          },
          {
            "name": "USN-2166-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2166-1"
          },
          {
            "name": "59974",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59974"
          },
          {
            "name": "57870",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57870"
          },
          {
            "name": "GLSA-201409-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml"
          },
          {
            "name": "netsnmp-cve20126151-dos(89485)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89485"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "55804",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55804"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1038007"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "64048",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64048"
        },
        {
          "name": "APPLE-SA-2015-10-21-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205375"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://sourceforge.net/p/net-snmp/bugs/2411/"
        },
        {
          "name": "RHSA-2014:0322",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2014-0322.html"
        },
        {
          "name": "[oss-security] 20131202 Re: SNMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2013/q4/415"
        },
        {
          "name": "[oss-security] 20131202 NMPD DoS #2411 snmpd crashes/hangs when AgentX subagent times-out",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2013/q4/398"
        },
        {
          "name": "USN-2166-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2166-1"
        },
        {
          "name": "59974",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59974"
        },
        {
          "name": "57870",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57870"
        },
        {
          "name": "GLSA-201409-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml"
        },
        {
          "name": "netsnmp-cve20126151-dos(89485)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89485"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "name": "55804",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55804"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1038007"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-6151",
    "datePublished": "2013-12-13T17:00:00.000Z",
    "dateReserved": "2012-12-06T00:00:00.000Z",
    "dateUpdated": "2024-08-06T21:28:39.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2012-6151",
      "date": "2026-05-20",
      "epss": "0.27425",
      "percentile": "0.96482"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDDDDC59-E784-4C8B-BDAD-55D8322138EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"5D37DF0F-F863-45AC-853A-3E04F9FEC7CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2076871-2E80-4605-A470-A41C1A8EC7EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F61F047-129C-41A6-8A27-FFCBB8563E91\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.7.1\", \"matchCriteriaId\": \"7E2FA9EC-6B8B-408E-BBF5-286EE423626B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87B4FDFF-9E09-4AB9-9196-6A01903473B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21E8FC05-D498-4D5D-B5A3-3F16749B7491\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BD964F4-9196-4641-A854-09DA86BCC890\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44A07BEF-C759-459E-A144-D37C1A55A9C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA0FD6CE-8179-4D48-9690-C130C0402CD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B97B7D0D-68CC-463D-A14B-3651D8DD4C73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFCF39FC-D220-4F4A-8CBF-B993C65671FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B5512FA-8B74-4585-ADEF-F710C0DF83A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51AAC2EA-8AA7-4303-BD64-74CFC7938D04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C872A9B0-0B3C-47B2-82F5-344BEBA221CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6CA1700-07A8-4DC3-8AB3-A30DBD7C8F9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A88517EE-17E2-4128-8355-FAAC815718CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E2BAAA8-313D-41F2-A98D-3557331E35B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"331C82ED-2FC8-44D0-B9CC-C1F8E693F3EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA42449F-A7E7-415C-8EC7-DB7B971AC603\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"950BC4AA-60A3-4512-A452-F205FF843C29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABF6D757-93C1-4B08-B863-1183C9BD92AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50F4D055-EC8F-4F88-BE40-2EEDD41F50A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:net-snmp:net-snmp:5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D7025F3-9106-4F62-91AA-4DA23417B999\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.\"}, {\"lang\": \"es\", \"value\": \"Net-SNMP 5.7.1 y anteriores, cuando AgentX est\\u00e1 registrando para manejar una MIB y tramitaci\\u00f3n de solicitudes de GETNEXT, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (ca\\u00edda o bucle infinito,  consumo de CPU, y bloqueo) causando timeout en el  subagente AgentX\"}]",
      "id": "CVE-2012-6151",
      "lastModified": "2024-11-21T01:45:55.530",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-12-13T18:55:04.693",
      "references": "[{\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://seclists.org/oss-sec/2013/q4/398\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://seclists.org/oss-sec/2013/q4/415\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/55804\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/57870\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/59974\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://sourceforge.net/p/net-snmp/bugs/2411/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/64048\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2166-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1038007\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/89485\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2014-0322.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://support.apple.com/HT205375\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/oss-sec/2013/q4/398\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seclists.org/oss-sec/2013/q4/415\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/55804\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/57870\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/59974\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://sourceforge.net/p/net-snmp/bugs/2411/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/64048\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2166-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1038007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/89485\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://rhn.redhat.com/errata/RHSA-2014-0322.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT205375\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-6151\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-12-13T18:55:04.693\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.\"},{\"lang\":\"es\",\"value\":\"Net-SNMP 5.7.1 y anteriores, cuando AgentX est\u00e1 registrando para manejar una MIB y tramitaci\u00f3n de solicitudes de GETNEXT, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda o bucle infinito,  consumo de CPU, y bloqueo) causando timeout en el  subagente AgentX\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDDDDC59-E784-4C8B-BDAD-55D8322138EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"5D37DF0F-F863-45AC-853A-3E04F9FEC7CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F61F047-129C-41A6-8A27-FFCBB8563E91\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.7.1\",\"matchCriteriaId\":\"7E2FA9EC-6B8B-408E-BBF5-286EE423626B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87B4FDFF-9E09-4AB9-9196-6A01903473B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21E8FC05-D498-4D5D-B5A3-3F16749B7491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BD964F4-9196-4641-A854-09DA86BCC890\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44A07BEF-C759-459E-A144-D37C1A55A9C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA0FD6CE-8179-4D48-9690-C130C0402CD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B97B7D0D-68CC-463D-A14B-3651D8DD4C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFCF39FC-D220-4F4A-8CBF-B993C65671FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B5512FA-8B74-4585-ADEF-F710C0DF83A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51AAC2EA-8AA7-4303-BD64-74CFC7938D04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C872A9B0-0B3C-47B2-82F5-344BEBA221CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6CA1700-07A8-4DC3-8AB3-A30DBD7C8F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A88517EE-17E2-4128-8355-FAAC815718CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E2BAAA8-313D-41F2-A98D-3557331E35B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"331C82ED-2FC8-44D0-B9CC-C1F8E693F3EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA42449F-A7E7-415C-8EC7-DB7B971AC603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"950BC4AA-60A3-4512-A452-F205FF843C29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABF6D757-93C1-4B08-B863-1183C9BD92AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50F4D055-EC8F-4F88-BE40-2EEDD41F50A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-snmp:net-snmp:5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D7025F3-9106-4F62-91AA-4DA23417B999\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://seclists.org/oss-sec/2013/q4/398\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://seclists.org/oss-sec/2013/q4/415\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/55804\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/57870\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/59974\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sourceforge.net/p/net-snmp/bugs/2411/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/64048\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2166-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1038007\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/89485\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2014-0322.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/HT205375\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/oss-sec/2013/q4/398\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/oss-sec/2013/q4/415\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/55804\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/57870\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59974\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sourceforge.net/p/net-snmp/bugs/2411/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/64048\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2166-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1038007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/89485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2014-0322.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT205375\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTFR-2015-AVI-431

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	QFabric 3100 Director versions 12.x
N/A	N/A	ScreenOS
N/A	N/A	CTPView 7.0R3
Juniper Networks	Junos OS	Juniper Junos OS

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10694 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10700 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10703 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10708 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10705 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10706 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10695 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10699 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10697 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10707 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10702 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10704 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10696 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10701 du 14 octobre 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QFabric 3100 Director versions 12.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ScreenOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView 7.0R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
    },
    {
      "name": "CVE-2011-2483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
    },
    {
      "name": "CVE-2013-1667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1667"
    },
    {
      "name": "CVE-2012-3417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3417"
    },
    {
      "name": "CVE-2014-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0063"
    },
    {
      "name": "CVE-2015-5600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
    },
    {
      "name": "CVE-2014-3566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3566"
    },
    {
      "name": "CVE-2014-8867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8867"
    },
    {
      "name": "CVE-2015-1793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1793"
    },
    {
      "name": "CVE-2015-1791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1791"
    },
    {
      "name": "CVE-2009-3490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3490"
    },
    {
      "name": "CVE-2012-0866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0866"
    },
    {
      "name": "CVE-2010-3433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3433"
    },
    {
      "name": "CVE-2012-5526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5526"
    },
    {
      "name": "CVE-2010-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1447"
    },
    {
      "name": "CVE-2014-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0061"
    },
    {
      "name": "CVE-2009-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
    },
    {
      "name": "CVE-2007-6067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6067"
    },
    {
      "name": "CVE-2010-0826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0826"
    },
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2010-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
    },
    {
      "name": "CVE-2013-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
    },
    {
      "name": "CVE-2015-1158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2010-4352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4352"
    },
    {
      "name": "CVE-2015-7749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7749"
    },
    {
      "name": "CVE-2011-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1720"
    },
    {
      "name": "CVE-2010-1168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1168"
    },
    {
      "name": "CVE-2009-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
    },
    {
      "name": "CVE-2014-6450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6450"
    },
    {
      "name": "CVE-2015-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1789"
    },
    {
      "name": "CVE-2008-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2937"
    },
    {
      "name": "CVE-2012-2697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2697"
    },
    {
      "name": "CVE-2013-2566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2566"
    },
    {
      "name": "CVE-2011-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1081"
    },
    {
      "name": "CVE-2009-1632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1632"
    },
    {
      "name": "CVE-2012-3488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3488"
    },
    {
      "name": "CVE-2015-5361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5361"
    },
    {
      "name": "CVE-2013-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6435"
    },
    {
      "name": "CVE-2010-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
    },
    {
      "name": "CVE-2012-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
    },
    {
      "name": "CVE-2015-1788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1788"
    },
    {
      "name": "CVE-2014-6449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6449"
    },
    {
      "name": "CVE-2015-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1792"
    },
    {
      "name": "CVE-2014-6451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6451"
    },
    {
      "name": "CVE-2012-6329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6329"
    },
    {
      "name": "CVE-2014-4345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4345"
    },
    {
      "name": "CVE-2008-5302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5302"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
    },
    {
      "name": "CVE-2013-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4449"
    },
    {
      "name": "CVE-2012-0868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
    },
    {
      "name": "CVE-2007-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4476"
    },
    {
      "name": "CVE-2010-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2015-7752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7752"
    },
    {
      "name": "CVE-2010-0407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0407"
    },
    {
      "name": "CVE-2014-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0064"
    },
    {
      "name": "CVE-2014-0065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0065"
    },
    {
      "name": "CVE-2007-4772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4772"
    },
    {
      "name": "CVE-2013-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0292"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2008-5303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5303"
    },
    {
      "name": "CVE-2015-1159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
    },
    {
      "name": "CVE-2011-2200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2200"
    },
    {
      "name": "CVE-2015-7748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7748"
    },
    {
      "name": "CVE-2015-7750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7750"
    },
    {
      "name": "CVE-2015-7751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7751"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2008-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3834"
    },
    {
      "name": "CVE-2010-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0624"
    },
    {
      "name": "CVE-2014-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0062"
    },
    {
      "name": "CVE-2011-1025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1025"
    },
    {
      "name": "CVE-2014-6448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6448"
    },
    {
      "name": "CVE-2011-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
    },
    {
      "name": "CVE-2010-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
    },
    {
      "name": "CVE-2009-1185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1185"
    },
    {
      "name": "CVE-2009-4901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4901"
    },
    {
      "name": "CVE-2010-1172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1172"
    },
    {
      "name": "CVE-2010-4530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4530"
    },
    {
      "name": "CVE-2011-1024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1024"
    },
    {
      "name": "CVE-2014-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
    },
    {
      "name": "CVE-2014-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0060"
    },
    {
      "name": "CVE-1999-0524",
      "url": "https://www.cve.org/CVERecord?id=CVE-1999-0524"
    },
    {
      "name": "CVE-2010-4015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4015"
    },
    {
      "name": "CVE-2011-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0002"
    },
    {
      "name": "CVE-2009-1574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1574"
    },
    {
      "name": "CVE-2009-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3736"
    },
    {
      "name": "CVE-2015-1790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1790"
    },
    {
      "name": "CVE-2012-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2143"
    },
    {
      "name": "CVE-2014-0066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0066"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-431",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10694 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10694\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10700 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10700\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10703 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10703\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10708 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10708\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10705 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10706 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10706\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10695 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10695\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10699 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10699\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10697 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10697\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10707 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10707\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10702 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10702\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10704 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10704\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10696 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10696\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10701 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10701\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2015-AVI-453

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Apple OSX. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et une exécution de code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	OS X Mavericks versions antérieures à 10.9.5
Apple	N/A	OS X El Capitan versions antérieures à 10.11
Apple	N/A	OS X Yosemite versions antérieures à 10.10.5

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 21 octobre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "OS X Mavericks versions ant\u00e9rieures \u00e0 10.9.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "OS X El Capitan versions ant\u00e9rieures \u00e0 10.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "OS X Yosemite versions ant\u00e9rieures \u00e0 10.10.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7008"
    },
    {
      "name": "CVE-2015-5943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5943"
    },
    {
      "name": "CVE-2015-6977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6977"
    },
    {
      "name": "CVE-2015-5939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5939"
    },
    {
      "name": "CVE-2015-7010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7010"
    },
    {
      "name": "CVE-2015-7035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7035"
    },
    {
      "name": "CVE-2015-6563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6563"
    },
    {
      "name": "CVE-2015-6996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6996"
    },
    {
      "name": "CVE-2015-7006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7006"
    },
    {
      "name": "CVE-2015-6835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6835"
    },
    {
      "name": "CVE-2015-6983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6983"
    },
    {
      "name": "CVE-2015-6991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6991"
    },
    {
      "name": "CVE-2015-6836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6836"
    },
    {
      "name": "CVE-2015-5933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5933"
    },
    {
      "name": "CVE-2015-5936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5936"
    },
    {
      "name": "CVE-2015-5925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5925"
    },
    {
      "name": "CVE-2015-7021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7021"
    },
    {
      "name": "CVE-2015-5944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5944"
    },
    {
      "name": "CVE-2015-5937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5937"
    },
    {
      "name": "CVE-2015-5942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5942"
    },
    {
      "name": "CVE-2015-6834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6834"
    },
    {
      "name": "CVE-2015-5927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5927"
    },
    {
      "name": "CVE-2015-6995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6995"
    },
    {
      "name": "CVE-2015-5945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5945"
    },
    {
      "name": "CVE-2015-7007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7007"
    },
    {
      "name": "CVE-2015-5935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5935"
    },
    {
      "name": "CVE-2015-6976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6976"
    },
    {
      "name": "CVE-2015-7003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7003"
    },
    {
      "name": "CVE-2015-6978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6978"
    },
    {
      "name": "CVE-2015-6984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6984"
    },
    {
      "name": "CVE-2015-0273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0273"
    },
    {
      "name": "CVE-2015-7018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7018"
    },
    {
      "name": "CVE-2015-5924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5924"
    },
    {
      "name": "CVE-2015-6838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6838"
    },
    {
      "name": "CVE-2015-6974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6974"
    },
    {
      "name": "CVE-2015-6985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6985"
    },
    {
      "name": "CVE-2015-7016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7016"
    },
    {
      "name": "CVE-2015-6994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6994"
    },
    {
      "name": "CVE-2015-6990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6990"
    },
    {
      "name": "CVE-2015-7017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7017"
    },
    {
      "name": "CVE-2015-5926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5926"
    },
    {
      "name": "CVE-2015-7020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7020"
    },
    {
      "name": "CVE-2015-5938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5938"
    },
    {
      "name": "CVE-2015-6988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6988"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2015-7009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7009"
    },
    {
      "name": "CVE-2015-5932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5932"
    },
    {
      "name": "CVE-2015-6975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6975"
    },
    {
      "name": "CVE-2015-6987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6987"
    },
    {
      "name": "CVE-2015-5940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5940"
    },
    {
      "name": "CVE-2015-7015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7015"
    },
    {
      "name": "CVE-2015-6989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6989"
    },
    {
      "name": "CVE-2015-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0235"
    },
    {
      "name": "CVE-2015-6837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6837"
    },
    {
      "name": "CVE-2015-6992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6992"
    },
    {
      "name": "CVE-2014-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
    },
    {
      "name": "CVE-2015-5934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5934"
    },
    {
      "name": "CVE-2015-7023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7023"
    },
    {
      "name": "CVE-2015-6993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6993"
    },
    {
      "name": "CVE-2015-7019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7019"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-453",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple OSX\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0 distance et une ex\u00e9cution\nde code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple OSX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 21 octobre 2015",
      "url": "https://support.apple.com/fr-fr/HT205375"
    }
  ]
}

CERTFR-2020-AVI-015

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Juniper Networks SBR Carrier versions 8.5.x antérieures à 8.5.0R4
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1X53-D12 sur séries QFX5100 et EX4600
Juniper Networks	N/A	Juniper Networks Contrail Networking versions antérieures à R1912
Juniper Networks	N/A	Juniper Networks SBR Carrier versions antérieures à 8.4.1R19
Juniper Networks	Junos Space	Junos Space versions antérieures à 19.4R1
Juniper Networks	Junos OS	Junos OS versions antérieures à 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur séries MX
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur série EX4300
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1X53-D52 sur séries QFX3500
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10992 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10986 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10985 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10980 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10981 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10983 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10979 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10987 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10982 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10990 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10991 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10993 du 08 janvier 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper Networks SBR Carrier versions 8.5.x ant\u00e9rieures \u00e0 8.5.0R4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D12 sur s\u00e9ries QFX5100 et EX4600",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 R1912",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks SBR Carrier versions ant\u00e9rieures \u00e0 8.4.1R19",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions ant\u00e9rieures \u00e0 19.4R1",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur s\u00e9ries MX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur s\u00e9rie EX4300",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D52 sur s\u00e9ries QFX3500",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-12749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12749"
    },
    {
      "name": "CVE-2019-1125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1125"
    },
    {
      "name": "CVE-2019-17267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
    },
    {
      "name": "CVE-2019-11091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
    },
    {
      "name": "CVE-2018-0737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
    },
    {
      "name": "CVE-2019-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1071"
    },
    {
      "name": "CVE-2020-1611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1611"
    },
    {
      "name": "CVE-2018-1336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1336"
    },
    {
      "name": "CVE-2018-0739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
    },
    {
      "name": "CVE-2015-5621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
    },
    {
      "name": "CVE-2018-5743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5743"
    },
    {
      "name": "CVE-2014-2310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
    },
    {
      "name": "CVE-2018-9568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
    },
    {
      "name": "CVE-2019-12735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12735"
    },
    {
      "name": "CVE-2019-11810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
    },
    {
      "name": "CVE-2020-1606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1606"
    },
    {
      "name": "CVE-2007-5846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
    },
    {
      "name": "CVE-2019-9636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
    },
    {
      "name": "CVE-2020-1608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1608"
    },
    {
      "name": "CVE-2020-1602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1602"
    },
    {
      "name": "CVE-2018-12127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
    },
    {
      "name": "CVE-2019-19919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
    },
    {
      "name": "CVE-2017-17805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
    },
    {
      "name": "CVE-2018-17972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17972"
    },
    {
      "name": "CVE-2008-6123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
    },
    {
      "name": "CVE-2020-1601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1601"
    },
    {
      "name": "CVE-2017-2595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2595"
    },
    {
      "name": "CVE-2016-7061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
    },
    {
      "name": "CVE-2019-5489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5489"
    },
    {
      "name": "CVE-2017-12174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
    },
    {
      "name": "CVE-2018-12130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
    },
    {
      "name": "CVE-2019-9824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9824"
    },
    {
      "name": "CVE-2017-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
    },
    {
      "name": "CVE-2020-1607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1607"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2019-14835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
    },
    {
      "name": "CVE-2018-0732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
    },
    {
      "name": "CVE-2019-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1073"
    },
    {
      "name": "CVE-2020-1604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1604"
    },
    {
      "name": "CVE-2016-7055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
    },
    {
      "name": "CVE-2018-12126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
    },
    {
      "name": "CVE-2020-1603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1603"
    },
    {
      "name": "CVE-2008-4309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4309"
    },
    {
      "name": "CVE-2019-1559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1559"
    },
    {
      "name": "CVE-2014-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
    },
    {
      "name": "CVE-2020-1609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1609"
    },
    {
      "name": "CVE-2020-1605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1605"
    },
    {
      "name": "CVE-2020-1600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1600"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-015",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10992 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10992\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10986 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10986\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10985 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10985\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10980 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10980\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10981 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10981\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10983 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10983\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10979 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10979\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10987 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10987\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10982 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10982\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10990 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10990\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10991 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10991\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10993 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10993\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2024-AVI-0781

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1
Juniper Networks	BBE Cloud Setup	BBE Cloudsetup versions antérieures à 2.1.0

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks JSA75756	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82975	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82977	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82971	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA79175	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82974	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA75746	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA75759	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA75750	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA79101	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82973	2024-09-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "BBE Cloudsetup versions ant\u00e9rieures \u00e0 2.1.0",
      "product": {
        "name": "BBE Cloud Setup",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2023-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
    },
    {
      "name": "CVE-2024-21618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21618"
    },
    {
      "name": "CVE-2023-0401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
    },
    {
      "name": "CVE-2023-28841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
    },
    {
      "name": "CVE-2023-28840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2024-39524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39524"
    },
    {
      "name": "CVE-2020-15861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15861"
    },
    {
      "name": "CVE-2015-5621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2014-2310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
    },
    {
      "name": "CVE-2024-39523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39523"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2020-15862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15862"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2019-20892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20892"
    },
    {
      "name": "CVE-2022-4886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4886"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2022-23525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23525"
    },
    {
      "name": "CVE-2007-5846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2024-21605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21605"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2022-4203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
    },
    {
      "name": "CVE-2022-23524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23524"
    },
    {
      "name": "CVE-2023-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
    },
    {
      "name": "CVE-2015-8100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8100"
    },
    {
      "name": "CVE-2024-21615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21615"
    },
    {
      "name": "CVE-2021-25746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25746"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2008-6123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
    },
    {
      "name": "CVE-2023-28842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
    },
    {
      "name": "CVE-2021-25748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25748"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2023-33953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33953"
    },
    {
      "name": "CVE-2022-23526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23526"
    },
    {
      "name": "CVE-2014-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
    },
    {
      "name": "CVE-2024-21609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21609"
    },
    {
      "name": "CVE-2024-39522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39522"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-32732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32732"
    },
    {
      "name": "CVE-2024-39517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39517"
    },
    {
      "name": "CVE-2023-4785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4785"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2024-39521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39521"
    },
    {
      "name": "CVE-2024-39512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39512"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2021-44225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44225"
    },
    {
      "name": "CVE-2024-39553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39553"
    },
    {
      "name": "CVE-2024-39520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39520"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2014-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
    },
    {
      "name": "CVE-2023-2975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
    },
    {
      "name": "CVE-2023-5043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5043"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2021-25745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25745"
    },
    {
      "name": "CVE-2018-18065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18065"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0781",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-16T00:00:00.000000"
    },
    {
      "description": "Correction d\u0027identifiants CVE erron\u00e9s",
      "revision_date": "2024-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75756",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-low-privileged-user-can-access-confidential-information-CVE-2024-21615"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82975",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-CLI-parameter-processing-issues-allowing-privilege-escalation-resolved"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82977",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-User-is-not-logged-out-when-the-console-cable-is-disconnected-CVE-2024-39512"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82971",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-BBE-Cloudsetup-Multiple-vulnerabilities-resolved-in-2-1-0-release"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79175",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Upon-processing-specific-L2-traffic-rpd-can-hang-in-devices-with-EVPN-VXLAN-configured-CVE-2024-39517"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82974",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSL-3-0-12"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75746",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX-300-Series-Specific-link-local-traffic-causes-a-control-plane-overload-CVE-2024-21605"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75759",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-LLDP-is-enabled-and-a-malformed-LLDP-packet-is-received-l2cpd-crashes-CVE-2024-21618"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75750",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-SRX-Series-If-specific-IPsec-parameters-are-negotiated-iked-will-crash-due-to-a-memory-leak-CVE-2024-21609"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79101",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-arbitrary-data-when-sampling-service-is-enabled-leads-to-partial-Denial-of-Service-DoS-CVE-2024-39553"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82973",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-net-SNMP-5-9-4"
    }
  ]
}

CERTFR-2015-AVI-431

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	QFabric 3100 Director versions 12.x
N/A	N/A	ScreenOS
N/A	N/A	CTPView 7.0R3
Juniper Networks	Junos OS	Juniper Junos OS

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10694 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10700 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10703 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10708 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10705 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10706 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10695 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10699 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10697 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10707 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10702 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10704 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10696 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10701 du 14 octobre 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QFabric 3100 Director versions 12.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ScreenOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView 7.0R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
    },
    {
      "name": "CVE-2011-2483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
    },
    {
      "name": "CVE-2013-1667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1667"
    },
    {
      "name": "CVE-2012-3417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3417"
    },
    {
      "name": "CVE-2014-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0063"
    },
    {
      "name": "CVE-2015-5600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
    },
    {
      "name": "CVE-2014-3566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3566"
    },
    {
      "name": "CVE-2014-8867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8867"
    },
    {
      "name": "CVE-2015-1793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1793"
    },
    {
      "name": "CVE-2015-1791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1791"
    },
    {
      "name": "CVE-2009-3490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3490"
    },
    {
      "name": "CVE-2012-0866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0866"
    },
    {
      "name": "CVE-2010-3433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3433"
    },
    {
      "name": "CVE-2012-5526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5526"
    },
    {
      "name": "CVE-2010-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1447"
    },
    {
      "name": "CVE-2014-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0061"
    },
    {
      "name": "CVE-2009-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
    },
    {
      "name": "CVE-2007-6067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6067"
    },
    {
      "name": "CVE-2010-0826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0826"
    },
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2010-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
    },
    {
      "name": "CVE-2013-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
    },
    {
      "name": "CVE-2015-1158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2010-4352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4352"
    },
    {
      "name": "CVE-2015-7749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7749"
    },
    {
      "name": "CVE-2011-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1720"
    },
    {
      "name": "CVE-2010-1168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1168"
    },
    {
      "name": "CVE-2009-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
    },
    {
      "name": "CVE-2014-6450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6450"
    },
    {
      "name": "CVE-2015-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1789"
    },
    {
      "name": "CVE-2008-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2937"
    },
    {
      "name": "CVE-2012-2697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2697"
    },
    {
      "name": "CVE-2013-2566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2566"
    },
    {
      "name": "CVE-2011-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1081"
    },
    {
      "name": "CVE-2009-1632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1632"
    },
    {
      "name": "CVE-2012-3488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3488"
    },
    {
      "name": "CVE-2015-5361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5361"
    },
    {
      "name": "CVE-2013-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6435"
    },
    {
      "name": "CVE-2010-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
    },
    {
      "name": "CVE-2012-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
    },
    {
      "name": "CVE-2015-1788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1788"
    },
    {
      "name": "CVE-2014-6449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6449"
    },
    {
      "name": "CVE-2015-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1792"
    },
    {
      "name": "CVE-2014-6451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6451"
    },
    {
      "name": "CVE-2012-6329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6329"
    },
    {
      "name": "CVE-2014-4345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4345"
    },
    {
      "name": "CVE-2008-5302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5302"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
    },
    {
      "name": "CVE-2013-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4449"
    },
    {
      "name": "CVE-2012-0868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
    },
    {
      "name": "CVE-2007-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4476"
    },
    {
      "name": "CVE-2010-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2015-7752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7752"
    },
    {
      "name": "CVE-2010-0407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0407"
    },
    {
      "name": "CVE-2014-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0064"
    },
    {
      "name": "CVE-2014-0065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0065"
    },
    {
      "name": "CVE-2007-4772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4772"
    },
    {
      "name": "CVE-2013-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0292"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2008-5303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5303"
    },
    {
      "name": "CVE-2015-1159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
    },
    {
      "name": "CVE-2011-2200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2200"
    },
    {
      "name": "CVE-2015-7748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7748"
    },
    {
      "name": "CVE-2015-7750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7750"
    },
    {
      "name": "CVE-2015-7751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7751"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2008-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3834"
    },
    {
      "name": "CVE-2010-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0624"
    },
    {
      "name": "CVE-2014-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0062"
    },
    {
      "name": "CVE-2011-1025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1025"
    },
    {
      "name": "CVE-2014-6448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6448"
    },
    {
      "name": "CVE-2011-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
    },
    {
      "name": "CVE-2010-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
    },
    {
      "name": "CVE-2009-1185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1185"
    },
    {
      "name": "CVE-2009-4901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4901"
    },
    {
      "name": "CVE-2010-1172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1172"
    },
    {
      "name": "CVE-2010-4530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4530"
    },
    {
      "name": "CVE-2011-1024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1024"
    },
    {
      "name": "CVE-2014-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
    },
    {
      "name": "CVE-2014-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0060"
    },
    {
      "name": "CVE-1999-0524",
      "url": "https://www.cve.org/CVERecord?id=CVE-1999-0524"
    },
    {
      "name": "CVE-2010-4015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4015"
    },
    {
      "name": "CVE-2011-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0002"
    },
    {
      "name": "CVE-2009-1574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1574"
    },
    {
      "name": "CVE-2009-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3736"
    },
    {
      "name": "CVE-2015-1790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1790"
    },
    {
      "name": "CVE-2012-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2143"
    },
    {
      "name": "CVE-2014-0066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0066"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-431",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10694 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10694\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10700 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10700\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10703 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10703\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10708 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10708\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10705 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10706 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10706\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10695 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10695\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10699 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10699\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10697 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10697\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10707 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10707\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10702 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10702\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10704 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10704\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10696 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10696\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10701 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10701\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2015-AVI-453

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	OS X Mavericks versions antérieures à 10.9.5
Apple	N/A	OS X El Capitan versions antérieures à 10.11
Apple	N/A	OS X Yosemite versions antérieures à 10.10.5

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 21 octobre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "OS X Mavericks versions ant\u00e9rieures \u00e0 10.9.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "OS X El Capitan versions ant\u00e9rieures \u00e0 10.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "OS X Yosemite versions ant\u00e9rieures \u00e0 10.10.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7008"
    },
    {
      "name": "CVE-2015-5943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5943"
    },
    {
      "name": "CVE-2015-6977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6977"
    },
    {
      "name": "CVE-2015-5939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5939"
    },
    {
      "name": "CVE-2015-7010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7010"
    },
    {
      "name": "CVE-2015-7035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7035"
    },
    {
      "name": "CVE-2015-6563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6563"
    },
    {
      "name": "CVE-2015-6996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6996"
    },
    {
      "name": "CVE-2015-7006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7006"
    },
    {
      "name": "CVE-2015-6835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6835"
    },
    {
      "name": "CVE-2015-6983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6983"
    },
    {
      "name": "CVE-2015-6991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6991"
    },
    {
      "name": "CVE-2015-6836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6836"
    },
    {
      "name": "CVE-2015-5933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5933"
    },
    {
      "name": "CVE-2015-5936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5936"
    },
    {
      "name": "CVE-2015-5925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5925"
    },
    {
      "name": "CVE-2015-7021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7021"
    },
    {
      "name": "CVE-2015-5944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5944"
    },
    {
      "name": "CVE-2015-5937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5937"
    },
    {
      "name": "CVE-2015-5942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5942"
    },
    {
      "name": "CVE-2015-6834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6834"
    },
    {
      "name": "CVE-2015-5927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5927"
    },
    {
      "name": "CVE-2015-6995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6995"
    },
    {
      "name": "CVE-2015-5945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5945"
    },
    {
      "name": "CVE-2015-7007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7007"
    },
    {
      "name": "CVE-2015-5935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5935"
    },
    {
      "name": "CVE-2015-6976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6976"
    },
    {
      "name": "CVE-2015-7003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7003"
    },
    {
      "name": "CVE-2015-6978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6978"
    },
    {
      "name": "CVE-2015-6984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6984"
    },
    {
      "name": "CVE-2015-0273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0273"
    },
    {
      "name": "CVE-2015-7018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7018"
    },
    {
      "name": "CVE-2015-5924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5924"
    },
    {
      "name": "CVE-2015-6838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6838"
    },
    {
      "name": "CVE-2015-6974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6974"
    },
    {
      "name": "CVE-2015-6985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6985"
    },
    {
      "name": "CVE-2015-7016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7016"
    },
    {
      "name": "CVE-2015-6994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6994"
    },
    {
      "name": "CVE-2015-6990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6990"
    },
    {
      "name": "CVE-2015-7017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7017"
    },
    {
      "name": "CVE-2015-5926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5926"
    },
    {
      "name": "CVE-2015-7020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7020"
    },
    {
      "name": "CVE-2015-5938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5938"
    },
    {
      "name": "CVE-2015-6988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6988"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2015-7009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7009"
    },
    {
      "name": "CVE-2015-5932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5932"
    },
    {
      "name": "CVE-2015-6975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6975"
    },
    {
      "name": "CVE-2015-6987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6987"
    },
    {
      "name": "CVE-2015-5940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5940"
    },
    {
      "name": "CVE-2015-7015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7015"
    },
    {
      "name": "CVE-2015-6989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6989"
    },
    {
      "name": "CVE-2015-0235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0235"
    },
    {
      "name": "CVE-2015-6837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6837"
    },
    {
      "name": "CVE-2015-6992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6992"
    },
    {
      "name": "CVE-2014-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
    },
    {
      "name": "CVE-2015-5934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5934"
    },
    {
      "name": "CVE-2015-7023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7023"
    },
    {
      "name": "CVE-2015-6993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6993"
    },
    {
      "name": "CVE-2015-7019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7019"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-453",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple OSX\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0 distance et une ex\u00e9cution\nde code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple OSX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 21 octobre 2015",
      "url": "https://support.apple.com/fr-fr/HT205375"
    }
  ]
}

CERTFR-2020-AVI-015

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Juniper Networks SBR Carrier versions 8.5.x antérieures à 8.5.0R4
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1X53-D12 sur séries QFX5100 et EX4600
Juniper Networks	N/A	Juniper Networks Contrail Networking versions antérieures à R1912
Juniper Networks	N/A	Juniper Networks SBR Carrier versions antérieures à 8.4.1R19
Juniper Networks	Junos Space	Junos Space versions antérieures à 19.4R1
Juniper Networks	Junos OS	Junos OS versions antérieures à 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur séries MX
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur série EX4300
Juniper Networks	Junos OS	Junos OS versions antérieures à 14.1X53-D52 sur séries QFX3500
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10992 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10986 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10985 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10980 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10981 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10983 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10979 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10987 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10982 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10990 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10991 du 08 janvier 2020	None	vendor-advisory
Bulletin de sécurité Juniper JSA10993 du 08 janvier 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper Networks SBR Carrier versions 8.5.x ant\u00e9rieures \u00e0 8.5.0R4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 15.1, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2 et 19.3",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D12 sur s\u00e9ries QFX5100 et EX4600",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 R1912",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks SBR Carrier versions ant\u00e9rieures \u00e0 8.4.1R19",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions ant\u00e9rieures \u00e0 19.4R1",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 17.2R3-S3, 17.3R2-S5, 17.3R3-S5, 17.4R2-S7, 17.4R3, 18.1R3-S6, 18.2R3-S2, 18.2X75-D51, 18.2X75-D60, 18.3R3, 18.4R2, 19.1R1-S3, 19.1R2, 19.2R1-S2, 19.2R2 et 19.3R1 sur s\u00e9ries MX",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D48, 15.1R7-S3, 16.1R7, 17.1R3, 17.2R3, 17.3R2-S5, 17.3R3, 17.4R2, 18.1R3, 18.2R2 et 18.3R1 sur s\u00e9rie EX4300",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D52 sur s\u00e9ries QFX3500",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S13, 12.3R12-S15, 12.3X48-D85, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13, 15.1F6-S13,15.1R7-S5, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1X49-D180, 15.1X49-D181, 15.1X49-D190, 15.1X49-D200, 15.1X53-D238, 15.1X53-D496, 15.1X53-D592, 16.1R4-S13, 16.1R7-S4, 16.1R7-S5, 16.1R7-S6, 16.2R2-S10, 16.2R2-S10,17.1R2-S11, 16.2R2-S11, 16.2R2-S9, 17.1R2-S11, 17.1R3, 17.1R3-S1, 17.2R1-S9, 17.2R2-S8, 17.2R3-S2, 17.2R3-S3, 17.3R2-S5, 17.3R2-S6, 17.3R3-S3, 17.3R3-S5, 17.3R3-S6, 17.3R3-S7, 17.4R2-S2, 17.4R2-S4, 17.4R2-S5, 17.4R2-S6, 17.4R2-S9, 17.4R3, 18.1R3-S2, 18.1R3-S5, 18.1R3-S7, 18.1R3-S7,18.2R2-S5, 18.1R3-S8, 18.2R2-S6, 18.2R3, 18.2R3-S2, 18.2X75-D40, 18.2X75-D410, 18.2X75-D50, 18.3R1-S6, 18.3R2, 18.3R2-S1, 18.3R2-S2, 18.3R2-S3, 18.3R3, 18.4R1-S2, 18.4R1-S5, 18.4R1-S6, 18.4R2, 18.4R2-S2, 18.4R3, 19.1R1, 19.1R1-S2, 19.1R1-S3, 19.1R1-S4, 19.1R2, 19.2R1, 19.2R1-S2, 19.2R2 et 19.3R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-12749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12749"
    },
    {
      "name": "CVE-2019-1125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1125"
    },
    {
      "name": "CVE-2019-17267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
    },
    {
      "name": "CVE-2019-11091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
    },
    {
      "name": "CVE-2018-0737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
    },
    {
      "name": "CVE-2019-1071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1071"
    },
    {
      "name": "CVE-2020-1611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1611"
    },
    {
      "name": "CVE-2018-1336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1336"
    },
    {
      "name": "CVE-2018-0739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
    },
    {
      "name": "CVE-2015-5621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
    },
    {
      "name": "CVE-2018-5743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5743"
    },
    {
      "name": "CVE-2014-2310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
    },
    {
      "name": "CVE-2018-9568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9568"
    },
    {
      "name": "CVE-2019-12735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12735"
    },
    {
      "name": "CVE-2019-11810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11810"
    },
    {
      "name": "CVE-2020-1606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1606"
    },
    {
      "name": "CVE-2007-5846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
    },
    {
      "name": "CVE-2019-9636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
    },
    {
      "name": "CVE-2020-1608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1608"
    },
    {
      "name": "CVE-2020-1602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1602"
    },
    {
      "name": "CVE-2018-12127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
    },
    {
      "name": "CVE-2019-19919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
    },
    {
      "name": "CVE-2017-17805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
    },
    {
      "name": "CVE-2018-17972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17972"
    },
    {
      "name": "CVE-2008-6123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
    },
    {
      "name": "CVE-2020-1601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1601"
    },
    {
      "name": "CVE-2017-2595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-2595"
    },
    {
      "name": "CVE-2016-7061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7061"
    },
    {
      "name": "CVE-2019-5489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-5489"
    },
    {
      "name": "CVE-2017-12174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-12174"
    },
    {
      "name": "CVE-2018-12130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
    },
    {
      "name": "CVE-2019-9824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9824"
    },
    {
      "name": "CVE-2017-3735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
    },
    {
      "name": "CVE-2020-1607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1607"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2019-14835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
    },
    {
      "name": "CVE-2018-0732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
    },
    {
      "name": "CVE-2019-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1073"
    },
    {
      "name": "CVE-2020-1604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1604"
    },
    {
      "name": "CVE-2016-7055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7055"
    },
    {
      "name": "CVE-2018-12126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
    },
    {
      "name": "CVE-2020-1603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1603"
    },
    {
      "name": "CVE-2008-4309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4309"
    },
    {
      "name": "CVE-2019-1559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1559"
    },
    {
      "name": "CVE-2014-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
    },
    {
      "name": "CVE-2020-1609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1609"
    },
    {
      "name": "CVE-2020-1605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1605"
    },
    {
      "name": "CVE-2020-1600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1600"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-015",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10992 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10992\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10986 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10986\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10985 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10985\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10980 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10980\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10981 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10981\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10983 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10983\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10979 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10979\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10987 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10987\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10982 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10982\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10990 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10990\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10991 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10991\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10993 du 08 janvier 2020",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10993\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2024-AVI-0781

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1
Juniper Networks	BBE Cloud Setup	BBE Cloudsetup versions antérieures à 2.1.0

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks JSA75756	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82975	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82977	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82971	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA79175	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82974	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA75746	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA75759	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA75750	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA79101	2024-09-13	vendor-advisory
Bulletin de sécurité Juniper Networks JSA82973	2024-09-13	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S7-EVO, 21.2R3-S7-EVO, 21.2R3-S8-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 21.4R3-S7-EVO, 22.1R3-S4-EVO, 22.1R3-S5-EVO, 22.2R3-EVO, 22.2R3-S2-EVO, 22.2R3-S3-EVO, 22.2R3-S4-EVO, 22.3R2-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.3R3-S2-EVO, 22.3R3-S3-EVO, 22.4R2-EVO, 22.4R3-EVO, 22.4R3-S1-EVO, 22.4R3-S2-EVO, 23.2R1-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.4R1-EVO, 23.4R1-S1-EVO, 23.4R2-EVO et 24.2R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 20.4R3-S9, 21.2R3-S6, 21.2R3-S7, 21.2R3-S8, 21.3R3-S5, 21.4R3-S4, 21.4R3-S5, 21.4R3-S7, 22.1R3-S3, 22.1R3-S4, 22.1R3-S5, 22.2R3-S2, 22.2R3-S3, 22.2R3-S4, 22.3R2-S2, 22.3R3, 22.3R3-S1, 22.3R3-S2, 22.3R3-S3, 22.4R2-S2, 22.4R3, 22.4R3-S2, 23.2R1-S1, 23.2R1-S2, 23.2R2, 23.4R1, 23.4R1-S1, 23.4R2 et 24.2R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "BBE Cloudsetup versions ant\u00e9rieures \u00e0 2.1.0",
      "product": {
        "name": "BBE Cloud Setup",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2023-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
    },
    {
      "name": "CVE-2024-21618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21618"
    },
    {
      "name": "CVE-2023-0401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
    },
    {
      "name": "CVE-2023-28841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28841"
    },
    {
      "name": "CVE-2023-28840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28840"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2024-39524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39524"
    },
    {
      "name": "CVE-2020-15861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15861"
    },
    {
      "name": "CVE-2015-5621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2014-2310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2310"
    },
    {
      "name": "CVE-2024-39523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39523"
    },
    {
      "name": "CVE-2023-0215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2020-15862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15862"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2019-20892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20892"
    },
    {
      "name": "CVE-2022-4886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4886"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2022-23525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23525"
    },
    {
      "name": "CVE-2007-5846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5846"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2024-21605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21605"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2022-4203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
    },
    {
      "name": "CVE-2022-23524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23524"
    },
    {
      "name": "CVE-2023-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
    },
    {
      "name": "CVE-2015-8100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8100"
    },
    {
      "name": "CVE-2024-21615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21615"
    },
    {
      "name": "CVE-2021-25746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25746"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2008-6123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-6123"
    },
    {
      "name": "CVE-2023-28842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28842"
    },
    {
      "name": "CVE-2021-25748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25748"
    },
    {
      "name": "CVE-2023-25173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
    },
    {
      "name": "CVE-2023-33953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33953"
    },
    {
      "name": "CVE-2022-23526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23526"
    },
    {
      "name": "CVE-2014-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
    },
    {
      "name": "CVE-2024-21609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21609"
    },
    {
      "name": "CVE-2024-39522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39522"
    },
    {
      "name": "CVE-2023-25153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
    },
    {
      "name": "CVE-2022-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
    },
    {
      "name": "CVE-2023-32732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32732"
    },
    {
      "name": "CVE-2024-39517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39517"
    },
    {
      "name": "CVE-2023-4785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4785"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2024-39521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39521"
    },
    {
      "name": "CVE-2024-39512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39512"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2021-44225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44225"
    },
    {
      "name": "CVE-2024-39553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39553"
    },
    {
      "name": "CVE-2024-39520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39520"
    },
    {
      "name": "CVE-2022-23471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
    },
    {
      "name": "CVE-2014-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3565"
    },
    {
      "name": "CVE-2023-2975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
    },
    {
      "name": "CVE-2023-5043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5043"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2021-25745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25745"
    },
    {
      "name": "CVE-2018-18065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18065"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0781",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-09-16T00:00:00.000000"
    },
    {
      "description": "Correction d\u0027identifiants CVE erron\u00e9s",
      "revision_date": "2024-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75756",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-low-privileged-user-can-access-confidential-information-CVE-2024-21615"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82975",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-CLI-parameter-processing-issues-allowing-privilege-escalation-resolved"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82977",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-User-is-not-logged-out-when-the-console-cable-is-disconnected-CVE-2024-39512"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82971",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-BBE-Cloudsetup-Multiple-vulnerabilities-resolved-in-2-1-0-release"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79175",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Upon-processing-specific-L2-traffic-rpd-can-hang-in-devices-with-EVPN-VXLAN-configured-CVE-2024-39517"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82974",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSL-3-0-12"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75746",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-SRX-300-Series-Specific-link-local-traffic-causes-a-control-plane-overload-CVE-2024-21605"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75759",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-LLDP-is-enabled-and-a-malformed-LLDP-packet-is-received-l2cpd-crashes-CVE-2024-21618"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75750",
      "url": "https://supportportal.juniper.net/s/article/2024-04-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-and-SRX-Series-If-specific-IPsec-parameters-are-negotiated-iked-will-crash-due-to-a-memory-leak-CVE-2024-21609"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA79101",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-arbitrary-data-when-sampling-service-is-enabled-leads-to-partial-Denial-of-Service-DoS-CVE-2024-39553"
    },
    {
      "published_at": "2024-09-13",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82973",
      "url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-net-SNMP-5-9-4"
    }
  ]
}

FKIE_CVE-2012-6151

Vulnerability from fkie_nvd - Published: 2013-12-13 18:55 - Updated: 2026-04-29 01:13

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
secalert@redhat.com	http://seclists.org/oss-sec/2013/q4/398
secalert@redhat.com	http://seclists.org/oss-sec/2013/q4/415
secalert@redhat.com	http://secunia.com/advisories/55804
secalert@redhat.com	http://secunia.com/advisories/57870
secalert@redhat.com	http://secunia.com/advisories/59974
secalert@redhat.com	http://sourceforge.net/p/net-snmp/bugs/2411/	Exploit
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml
secalert@redhat.com	http://www.securityfocus.com/bid/64048	Exploit
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2166-1
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1038007
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/89485
secalert@redhat.com	https://rhn.redhat.com/errata/RHSA-2014-0322.html
secalert@redhat.com	https://support.apple.com/HT205375
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/oss-sec/2013/q4/398
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/oss-sec/2013/q4/415
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/55804
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/57870
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59974
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/p/net-snmp/bugs/2411/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/64048	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2166-1
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1038007
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/89485
af854a3a-2127-422b-91ae-364da2661108	https://rhn.redhat.com/errata/RHSA-2014-0322.html
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT205375

Impacted products

Vendor	Product	Version
apple	mac_os_x	10.11.0
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	12.10
canonical	ubuntu_linux	13.10
net-snmp	net-snmp	*
net-snmp	net-snmp	5.0
net-snmp	net-snmp	5.0.1
net-snmp	net-snmp	5.0.2
net-snmp	net-snmp	5.0.3
net-snmp	net-snmp	5.0.4
net-snmp	net-snmp	5.0.5
net-snmp	net-snmp	5.0.6
net-snmp	net-snmp	5.0.7
net-snmp	net-snmp	5.0.8
net-snmp	net-snmp	5.0.9
net-snmp	net-snmp	5.1
net-snmp	net-snmp	5.1.2
net-snmp	net-snmp	5.2
net-snmp	net-snmp	5.3
net-snmp	net-snmp	5.3.0.1
net-snmp	net-snmp	5.4
net-snmp	net-snmp	5.5
net-snmp	net-snmp	5.6
net-snmp	net-snmp	5.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDDDDC59-E784-4C8B-BDAD-55D8322138EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E2FA9EC-6B8B-408E-BBF5-286EE423626B",
              "versionEndIncluding": "5.7.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "87B4FDFF-9E09-4AB9-9196-6A01903473B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "21E8FC05-D498-4D5D-B5A3-3F16749B7491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD964F4-9196-4641-A854-09DA86BCC890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "44A07BEF-C759-459E-A144-D37C1A55A9C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA0FD6CE-8179-4D48-9690-C130C0402CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97B7D0D-68CC-463D-A14B-3651D8DD4C73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFCF39FC-D220-4F4A-8CBF-B993C65671FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B5512FA-8B74-4585-ADEF-F710C0DF83A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "51AAC2EA-8AA7-4303-BD64-74CFC7938D04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C872A9B0-0B3C-47B2-82F5-344BEBA221CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6CA1700-07A8-4DC3-8AB3-A30DBD7C8F9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88517EE-17E2-4128-8355-FAAC815718CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E2BAAA8-313D-41F2-A98D-3557331E35B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "331C82ED-2FC8-44D0-B9CC-C1F8E693F3EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA42449F-A7E7-415C-8EC7-DB7B971AC603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "950BC4AA-60A3-4512-A452-F205FF843C29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF6D757-93C1-4B08-B863-1183C9BD92AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "50F4D055-EC8F-4F88-BE40-2EEDD41F50A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:net-snmp:net-snmp:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D7025F3-9106-4F62-91AA-4DA23417B999",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout."
    },
    {
      "lang": "es",
      "value": "Net-SNMP 5.7.1 y anteriores, cuando AgentX est\u00e1 registrando para manejar una MIB y tramitaci\u00f3n de solicitudes de GETNEXT, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda o bucle infinito,  consumo de CPU, y bloqueo) causando timeout en el  subagente AgentX"
    }
  ],
  "id": "CVE-2012-6151",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-12-13T18:55:04.693",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/oss-sec/2013/q4/398"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/oss-sec/2013/q4/415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/55804"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/57870"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59974"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://sourceforge.net/p/net-snmp/bugs/2411/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/64048"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2166-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1038007"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89485"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2014-0322.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.apple.com/HT205375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/oss-sec/2013/q4/398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/oss-sec/2013/q4/415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/55804"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/57870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59974"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://sourceforge.net/p/net-snmp/bugs/2411/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/64048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2166-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1038007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89485"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2014-0322.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/HT205375"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-MV75-H3QP-GPMF

Vulnerability from github – Published: 2022-05-17 01:37 – Updated: 2025-04-11 04:17

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-6151"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-12-13T18:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.",
  "id": "GHSA-mv75-h3qp-gpmf",
  "modified": "2025-04-11T04:17:03Z",
  "published": "2022-05-17T01:37:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6151"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1038007"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89485"
    },
    {
      "type": "WEB",
      "url": "https://rhn.redhat.com/errata/RHSA-2014-0322.html"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT205375"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/oss-sec/2013/q4/398"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/oss-sec/2013/q4/415"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/55804"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/57870"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/59974"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/p/net-snmp/bugs/2411"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/64048"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2166-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-6151 (GCVE-0-2012-6151)

Solution

Solution

Solution

Solutions

Solution

Solution

Solution

Solutions

Tags

Sightings

Nomenclature