Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.JUNIPER_JSA11130.NASLHistoryApr 15, 2021 - 12:00 a.m.
Juniper Junos OS Vulnerability (JSA11130)
2021-04-1500:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
0.0004 Low
EPSS
Percentile
12.6%
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11130 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#TRUSTED 53533f19b24e272a3b9002b49883565c29c100b90a64d36d51e43fcf1f312f39919b9a6df1fa754348842b46c5c9d69ab8052ee0e87b61e4d5ca2d31e6fe6940ead938b4668444908ad90c18e85cb626728251dcde6182287016b485098293fad40f24de0ac3f15efdeca4cf0ef066b4d485ce8217ba1515fd7508975cf6e7675687111bd39ab7c5dfd4bbff7b1d8b22073f5eea7cebaf64541f0953bf7579a02ad450e3994fe8b6c71771f8802f0e1f60f1ed7c9f6f77b815b530cb898efdf20ab963828a570d50b829f2a765f6922d3afd6806699b6cd3716eb451df5fe8c453c55c2fc7e6baa0cd820d5d39723a0f8aadebc1fb2099dce95e328bb2261343a9d4b703516f4ea778a171819cebc12dede7e9333d90e2f400e787f982a1927ae228d457ad59e1b83e9892acf58cb34e5809b3f3c840a90f2182606f67ca105dce5e58ae147d8a6f3f174fdb971c0cc0aa70e168c580419788016e7a287f3cea6c99173be866c474467ff540fb6ea5410576e93044ce8755cb36634b114d03c9bf92ac463c6d24bd89866f9ac72ddb8d520f1318801bd5b3d19260fd7f51adb70efa3bd4663381fb83ff5382aeda4cabfa4e2c4599fec35e590a8f07e1339af5b881be5b1bdaf846daec48f2835ebaf8088a86e84fcedb15946d4ade2eecee1d75a89b4705f0012d9806d600d61dc3031af9e6872d154d59302bb147d25ee0ac
#TRUST-RSA-SHA256 80ee16e4bd73ebc8e325a791dff3c6c18df2265560bb866106ce48af896882a52359d71c261cac0bdab4a81f26d87eaba55e7426746c1fba7a2e9007f845fe875efb0e83750717795d85087c74ac3781a07070dd200a05477f7dac66a0b242ebd344fd020659295edeee083f14a8bc5ec0816e2a46fec1dbe42aedf5bdb5edfe144366089bc7e5e38f97162a2d0fda4d6bef3ae93da59725c4bb7156e93b64eb67ca9379f651bdc669ae6cd142e314d8ff431021fccfdff9caec836b4996e17d111fa2f9f531eb0e0c6024201ecb185d0bb48113a141d3d79162be47cae59130c21681a5d84608a328912f2b9a94c5535ec8e0649eb06642138dfdcaa833fe4c3c215664f510a0ea586bfb8e74504a3b4a13b1d8690c57ff24586a8ee5c4667aa2b9ec6f613e09b12c2178b56defa1e40ec1ef21f4c4dc36d16ed39fb5081f44f7c878f0b04e071687a3f99b0c480b207b022d8d1bde6841a1d9033842564816b130f97ad0bd030055422292161ea16f0a975d8fae8030a016aa76e47ec626ec434e7ebeda0b2b4ffd8206afdb676ca085914da72342e9f14e12b62841755290a8602fecf959600dd7bd44c0024a6e6887ed6c68fc3e2933f728d27ebc11490be8fdd7594a7f4e22900de18291005544d243c60a78803a6dd0460e5bd9790b93a31cc62af51c5b270f40f89e3b955f9b9065686793fdeac65e035adcfdbcd416
##
# (C) Tenable Network Security, Inc.
##
include('compat.inc');
if (description)
{
script_id(148682);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/20");
script_cve_id("CVE-2021-0235");
script_xref(name:"JSA", value:"JSA11130");
script_name(english:"Juniper Junos OS Vulnerability (JSA11130)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11130
advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported
version number.");
# https://supportportal.juniper.net/s/article/2021-04-Security-Bulletin-Junos-OS-SRX1500-4100-4200-4600-5000-Series-with-SPC2-SPC3-vSRX-Series-In-a-multi-tenant-environment-a-tenant-host-administrator-may-configure-logical-firewall-isolation-affecting-other-tenant-networks-CVE-2021-0235
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5fa9851a");
script_set_attribute(attribute:"solution", value:
"Apply the relevant Junos software release referenced in Juniper advisory JSA11130");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-0235");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/04/14");
script_set_attribute(attribute:"patch_publication_date", value:"2021/04/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/15");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:junos");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Junos Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("junos_version.nasl");
script_require_keys("Host/Juniper/JUNOS/Version", "Host/Juniper/model");
exit(0);
}
include('junos.inc');
var model = get_kb_item_or_exit('Host/Juniper/model');
if (model !~ "^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000|vSRX)")
{
audit(AUDIT_DEVICE_NOT_VULN, model);
}
var ver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');
var vuln_ranges = [
{'min_ver':'18.3', 'fixed_ver':'18.3R1', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'18.4', 'fixed_ver':'18.4R1', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'19.1', 'fixed_ver':'19.1R1', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'19.2', 'fixed_ver':'19.2R1-S6', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'19.2R2', 'fixed_ver':'19.2R3-S2', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'19.3', 'fixed_ver':'19.3R3-S2', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'19.4', 'fixed_ver':'19.4R2-S4', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'19.4R3', 'fixed_ver':'19.4R3-S2', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000)'},
{'min_ver':'20.1', 'fixed_ver':'20.1R2', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000|vSRX)', 'fixed_display':'20.1R2, 20.1R3'},
{'min_ver':'20.2', 'fixed_ver':'20.2R2-S1', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000|vSRX)', 'fixed_display':'20.2R2-S1, 20.2R3'},
{'min_ver':'20.3', 'fixed_ver':'20.3R1-S2', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000|vSRX)', 'fixed_display':'20.3R1-S2, 20.3R2'},
{'min_ver':'20.4', 'fixed_ver':'20.4R1', 'model':'^(SRX1500|SRX4100|SRX4200|SRX4600|SRX5000|vSRX)', 'fixed_display':'20.4R1, 20.4R2'}
];
var fix = junos_compare_range(target_version:ver, vuln_ranges:vuln_ranges);
if (empty_or_null(fix)) audit(AUDIT_INST_VER_NOT_VULN, 'Junos OS', ver);
var report = get_report(ver:ver, fix:fix);
security_report_v4(severity:SECURITY_WARNING, port:0, extra:report);
Related
prion
prion
Code injection
2021-04-22 20:15:00
cve
cve
CVE-2021-0235
2021-04-22 20:15:08
cvelist
cvelist
nvd
nvd
CVE-2021-0235
2021-04-22 20:15:08
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
0.0004 Low
EPSS
Percentile
12.6%
Related for JUNIPER_JSA11130.NASL