Rewterz Threat Advisory –Multiple Vulnerabilities In Junos Space Log Collector

Severity

High

Analysis Summary

CVE-2019-17006

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.

CVE-2019-8675

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

CVE-2019-8696

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

CVE-2020-12321

Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVE-2020-15862

Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

Impact

• Privilege Escalation
• Code Execution

Affected Vendors

Juniper

Affected Products

• Junos Space Log Collector 20.1
• Junos Space Log Collector 20.2
• Junos Space Log Collector 20.3

Remediation

Refer to Juniper advisory for the complete list of affected products and their respective patches.

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11209&cat=SIRT_1&actp=LIST