{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<ul> <li>Produits NFX, Junos OS versions ant\u00e9rieures \u00e0 18.2R1, 18.2X75-D5</li> <li>Produits CTP, CTPView versions ant\u00e9rieures \u00e0 7.3R6</li> <li>Produits EX, Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15</li> <li>Produits SRX <ul> <li>Junos OS versions ant\u00e9rieures \u00e0 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, \u00e0 partir de la version 18.2R2-S1 et ant\u00e9rieures \u00e0 18.2R3, 18.4R2, ainsi que les versions ant\u00e9rieures \u00e0 18.2R3, 19.2R1 pour la s\u00e9rie SRX 5000</li> <li>Junos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D85, 15.1X49-D180</li> <li>Junos OS avec SIP ALG activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2</li> </ul> </li> <li>Produits MX <ul> <li>Junos OS gamme\u00a0MX480, MX960, MX2008, MX2010, MX2020 versions ant\u00e9rieures \u00e0 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ult\u00e9rieures, versions ant\u00e9rieures \u00e0 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2</li> <li>Junos OS avec DHCPv6 activ\u00e9 versions ant\u00e9rieures \u00e0 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2</li> <li>Junos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions ant\u00e9rieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R</li> </ul> </li> <li>Toutes s\u00e9ries <ul> <li>Junos OS versions ant\u00e9rieures \u00e0 15.1F6-S12, 15.1R7-S2,\u00a0 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590,\u00a0 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2</li> <li>Junos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2</li> <li>Junos OS sur des \u00e9quipements avec l'option Multi-Chassis Link Aggregation Group (MC-LAG) activ\u00e9e, versions ult\u00e9rieures \u00e0 15.1 et ant\u00e9rieures \u00e0 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3</li> </ul> </li> </ul> ","content":"## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2019-0061","url":"https://www.cve.org/CVERecord?id=CVE-2019-0061"},{"name":"CVE-2019-0054","url":"https://www.cve.org/CVERecord?id=CVE-2019-0054"},{"name":"CVE-2019-0058","url":"https://www.cve.org/CVERecord?id=CVE-2019-0058"},{"name":"CVE-2019-0056","url":"https://www.cve.org/CVERecord?id=CVE-2019-0056"},{"name":"CVE-2019-0062","url":"https://www.cve.org/CVERecord?id=CVE-2019-0062"},{"name":"CVE-2016-10011","url":"https://www.cve.org/CVERecord?id=CVE-2016-10011"},{"name":"CVE-2016-10009","url":"https://www.cve.org/CVERecord?id=CVE-2016-10009"},{"name":"CVE-2019-0057","url":"https://www.cve.org/CVERecord?id=CVE-2019-0057"},{"name":"CVE-2019-0067","url":"https://www.cve.org/CVERecord?id=CVE-2019-0067"},{"name":"CVE-2019-0063","url":"https://www.cve.org/CVERecord?id=CVE-2019-0063"},{"name":"CVE-2019-0064","url":"https://www.cve.org/CVERecord?id=CVE-2019-0064"},{"name":"CVE-2016-10010","url":"https://www.cve.org/CVERecord?id=CVE-2016-10010"},{"name":"CVE-2018-20685","url":"https://www.cve.org/CVERecord?id=CVE-2018-20685"},{"name":"CVE-2016-10012","url":"https://www.cve.org/CVERecord?id=CVE-2016-10012"},{"name":"CVE-2015-8325","url":"https://www.cve.org/CVERecord?id=CVE-2015-8325"},{"name":"CVE-2019-0065","url":"https://www.cve.org/CVERecord?id=CVE-2019-0065"},{"name":"CVE-2019-0059","url":"https://www.cve.org/CVERecord?id=CVE-2019-0059"},{"name":"CVE-2019-0055","url":"https://www.cve.org/CVERecord?id=CVE-2019-0055"},{"name":"CVE-2019-0060","url":"https://www.cve.org/CVERecord?id=CVE-2019-0060"},{"name":"CVE-2019-0066","url":"https://www.cve.org/CVERecord?id=CVE-2019-0066"}],"links":[],"reference":"CERTFR-2019-AVI-500","revisions":[{"description":"Version initiale","revision_date":"2019-10-10T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10962 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10962&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10954 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10954&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10953 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10953&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10957 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10957&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10952 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10952&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10965 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10965&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10964 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10964&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10960 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10960&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10963 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10963&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10958 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10958&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10959 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10959&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10966 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10966&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10956 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10956&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10955 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10955&cat=SIRT_1&actp=LIST"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Juniper JSA10961 du 10 octobre 2019","url":"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10961&cat=SIRT_1&actp=LIST"}]}