The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SRX

vulnerability note CVE-2018-0737

OpenSSL: information disclosure via RSA Constant Time Key Generation

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via RSA Constant Time Key Generation of OpenSSL, in order to obtain sensitive information.
Impacted products: Debian, AIX, BladeCenter, IBM i, Juniper EX-Series, Juniper J-Series, Junos OS, SRX-Series, MariaDB ~ precise, MySQL Community, MySQL Enterprise, Nodejs Core, OpenBSD, OpenSSL, openSUSE Leap, Oracle Communications, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Solaris, Tuxedo, Oracle Virtual Directory, VirtualBox, WebLogic, Palo Alto Firewall PA***, PAN-OS, Percona Server, XtraBackup, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Nessus, Ubuntu, X2GoClient.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 17/04/2018.
Identifiers: bulletinjul2018, CERTFR-2018-AVI-511, CERTFR-2018-AVI-607, cpuapr2019, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-0737, DLA-1449-1, DSA-4348-1, DSA-4355-1, ibm10729805, ibm10743283, ibm10880781, JSA10919, openSUSE-SU-2018:2695-1, openSUSE-SU-2018:2957-1, openSUSE-SU-2018:3015-1, openSUSE-SU-2019:0152-1, openSUSE-SU-2019:1432-1, PAN-SA-2018-0015, RHSA-2018:3221-01, SSA:2018-226-01, SUSE-SU-2018:2486-1, SUSE-SU-2018:2492-1, SUSE-SU-2018:2683-1, SUSE-SU-2018:2928-1, SUSE-SU-2018:2965-1, SUSE-SU-2018:3864-1, SUSE-SU-2018:3864-2, SUSE-SU-2019:0197-1, SUSE-SU-2019:0512-1, SUSE-SU-2019:1553-1, TNS-2018-14, TNS-2018-17, TSB17568, USN-3628-1, USN-3628-2, USN-3692-1, USN-3692-2, VIGILANCE-VUL-25884.

Description of the vulnerability

An attacker can bypass access restrictions to data via RSA Constant Time Key Generation of OpenSSL, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2018-0022

Junos OS: memory leak via MPLS/VPLS

Synthesis of the vulnerability

An attacker can create a memory leak via MPLS/VPLS of Junos OS, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 12/04/2018.
Identifiers: CERTFR-2018-AVI-184, CVE-2018-0022, JSA10855, VIGILANCE-VUL-25854.

Description of the vulnerability

An attacker can create a memory leak via MPLS/VPLS of Junos OS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-0021

Junos OS: Man-in-the-Middle via Short MacSec Keys

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle via Short MacSec Keys on Junos OS, in order to read or write data in the session.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: internet server.
Creation date: 12/04/2018.
Identifiers: CERTFR-2018-AVI-184, CVE-2018-0021, JSA10854, VIGILANCE-VUL-25853.

Description of the vulnerability

An attacker can act as a Man-in-the-Middle via Short MacSec Keys on Junos OS, in order to read or write data in the session.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-0020

Junos OS: denial of service via BGP UPDATE

Synthesis of the vulnerability

An attacker can send malicious BGP UPDATE packets to Junos OS, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 3/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 12/04/2018.
Identifiers: CERTFR-2018-AVI-184, CVE-2018-0020, JSA10848, VIGILANCE-VUL-25850.

Description of the vulnerability

The Junos OS product has a service to manage received BGP UPDATE packets.

However, when malicious BGP UPDATE packets are received, a fatal error occurs.

An attacker can therefore send malicious BGP UPDATE packets to Junos OS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-0019

Junos OS: denial of service via SNMP MIB-II Subagent Daemon

Synthesis of the vulnerability

An attacker can generate a fatal error via SNMP MIB-II Subagent Daemon of Junos OS, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 12/04/2018.
Identifiers: CERTFR-2018-AVI-184, CVE-2018-0019, JSA10847, VIGILANCE-VUL-25849.

Description of the vulnerability

An attacker can generate a fatal error via SNMP MIB-II Subagent Daemon of Junos OS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-0018

Junos OS: privilege escalation via IDP Policies

Synthesis of the vulnerability

An attacker can bypass restrictions via IDP Policies of Junos OS, in order to escalate his privileges.
Impacted products: Junos OS, SRX-Series.
Severity: 3/4.
Consequences: data reading, data flow.
Provenance: internet client.
Creation date: 12/04/2018.
Identifiers: CERTFR-2018-AVI-184, CVE-2018-0018, JSA10846, VIGILANCE-VUL-25848.

Description of the vulnerability

An attacker can bypass restrictions via IDP Policies of Junos OS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-0017

Junos OS: denial of service via NAT-PT

Synthesis of the vulnerability

An attacker can generate a fatal error via NAT-PT of Junos OS, in order to trigger a denial of service.
Impacted products: Junos OS, SRX-Series.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 12/04/2018.
Identifiers: CERTFR-2018-AVI-184, CVE-2018-0017, JSA10845, VIGILANCE-VUL-25847.

Description of the vulnerability

An attacker can generate a fatal error via NAT-PT of Junos OS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-0016

Junos OS: denial of service via CLNP

Synthesis of the vulnerability

An attacker can send malicious CLNP packets to Junos OS, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 12/04/2018.
Identifiers: CERTFR-2018-AVI-184, CVE-2018-0016, JSA10844, VIGILANCE-VUL-25846.

Description of the vulnerability

The Junos OS product has a service to manage received CLNP packets.

However, when malicious CLNP packets are received, a fatal error occurs.

An attacker can therefore send malicious CLNP packets to Junos OS, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-1000122

curl: out-of-bounds memory reading via RTSP RTP

Synthesis of the vulnerability

An attacker can force a read at an invalid address via RTSP RTP of curl, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: SDS, SES, SNS, OpenOffice, curl, Debian, Unisphere EMC, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Oracle Communications, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Solaris, Tuxedo, Oracle Virtual Directory, WebLogic, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: intranet server.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000122, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25547.

Description of the vulnerability

An attacker can force a read at an invalid address via RTSP RTP of curl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-1000121

curl: NULL pointer dereference via LDAP URL

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via LDAP URL of curl, in order to trigger a denial of service.
Impacted products: SDS, SES, SNS, OpenOffice, curl, Debian, Unisphere EMC, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Oracle Communications, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Solaris, Tuxedo, Oracle Virtual Directory, WebLogic, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet server.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000121, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25546.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via LDAP URL of curl, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about SRX: