CVE-2018-0009

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 12.1X46-D71 on SRX series Juniper Networks Junos OS versions prior to 12.3X48-D55 on SRX series Juniper Networks Junos OS versions prior to 15.1X49-D100 on SRX series

Description: The issue allows firewall rules configured to match custom application UUIDs starting with zeros to match all TCP traffic, resulting in a firewall bypass condition. This means that traffic which should have been blocked by other rules is permitted to flow through the device.

Recommendations: For versions prior to 12.1X46-D71 on SRX series, update to 12.1X46-D71 or later. For versions prior to 12.3X48-D55 on SRX series, update to 12.3X48-D55 or later. For versions prior to 15.1X49-D100 on SRX series, update to 15.1X49-D100 or later.