Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2018-0001

Published: 10/01/2018 Updated: 23/02/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Junos

Vulnerability Summary

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions before 12.1X46-D67; 12.3 versions before 12.3R12-S5; 12.3X48 versions before 12.3X48-D35; 14.1 versions before 14.1R8-S5, 14.1R9; 14.1X53 versions before 14.1X53-D44, 14.1X53-D50; 14.2 versions before 14.2R7-S7, 14.2R8; 15.1 versions before 15.1R3; 15.1X49 versions before 15.1X49-D30; 15.1X53 versions before 15.1X53-D70.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

juniper junos 12.1x46

juniper junos 12.3x48

juniper junos 15.1x49

juniper junos 15.1x53

juniper junos 14.1

juniper junos 14.2

juniper junos 15.1

juniper junos 12.3

juniper junos 14.1x53

Github Repositories

https://github.com/becrevex/Kampai

Kenna API CLI utility with the ability to import single and multiple records

Kampai Kenna R/W Automation Command Line Tool #Installation Take care of the dependencies: $ pip3 install -r requirementstxt Execution c:\> python kampaipy usage: kampaipy [-h] [-ip IPADDRESS] [-url URL] [-host HOSTNAME] [-p PORT] [-id VULNID] [-fix REMEDIATION] [-s SEVERITY] [-iX EXCEL] [-iC CSV] [-createxls] Kampai: Custom Kenna Connector for single or bulk import

https://github.com/fabric8-analytics/fabric8-analytics-data-model

Fabric8-Analytics Data Models This repository serves as a base for our data modeling work You can easily connect to graphing engine (Gremlin + DynamoDB) running remotely in containers and import models to explore the graphs representing Fabric8-Analytics data Contributing See our contributing guidelines for more info Configuration parameters Keep proper configuration values

https://github.com/hashauthority/wsusscn2cli

CLI for Microsoft Windows patches (wsusscn2.cab) API

WSUSSCN2 CLI - a CLI for the wsusscn2cab API Please note that this tool is not affiliated with or created by Microsoft Corporation Microsoft, Encarta, MSN, and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries Goal: Provide a command line interface to Microsoft patch data using the REST API from wsussc

References

CWE-416https://kb.juniper.net/JSA10828http://www.securitytracker.com/id/1040180http://www.securityfocus.com/bid/103092https://nvd.nist.govhttps://github.com/becrevex/Kampai
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook