fkie_cve-2019-0014
Vulnerability from fkie_nvd
Published
2019-01-15 21:29
Modified
2024-11-21 04:16
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Service (DoS). This issue affects both IPv4 and IPv6 packet processing. Affected releases are Juniper Networks Junos OS on QFX and PTX Series: 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1; 18.2 versions prior to 18.2R1-S3, 18.2R2; 17.2X75 versions prior to 17.2X75-D91, 17.2X75-D100.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | http://www.securityfocus.com/bid/106556 | Third Party Advisory, VDB Entry | |
| sirt@juniper.net | https://kb.juniper.net/JSA10914 | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10914 | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | 17.2x75 | |
| juniper | junos | 17.2x75 | |
| juniper | junos | 17.2x75 | |
| juniper | junos | 17.4 | |
| juniper | junos | 17.4 | |
| juniper | junos | 17.4 | |
| juniper | junos | 18.2 | |
| juniper | ptx1000 | - | |
| juniper | ptx10002 | - | |
| juniper | ptx10008 | - | |
| juniper | ptx10016 | - | |
| juniper | ptx3000 | - | |
| juniper | ptx5000 | - | |
| juniper | qfx10002 | - | |
| juniper | qfx10008 | - | |
| juniper | qfx10016 | - | |
| juniper | qfx3500 | - | |
| juniper | qfx3600 | - | |
| juniper | qfx5100 | - | |
| juniper | qfx5110 | - | |
| juniper | qfx5120 | - | |
| juniper | qfx5200 | - | |
| juniper | qfx5210 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2x75:d102:*:*:*:*:*:*",
"matchCriteriaId": "81332BD3-99F9-4A7C-A04F-1F3A81CA6941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2x75:d50:*:*:*:*:*:*",
"matchCriteriaId": "1C913A29-64F1-4B2C-A4BC-163891E9A43A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2x75:d70:*:*:*:*:*:*",
"matchCriteriaId": "CD7217ED-631C-4206-9381-18C0BDD69C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "974B6128-ABD2-4D9C-87A1-5F1740DDCB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "167EEC4F-729E-47C2-B0F8-E8108CE3E985",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:ptx1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6DF99D-E438-4943-BC32-F2821E72AE0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82B22AC2-B794-4F12-9EB3-9AA6E4B19831",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A64A26-4606-4D33-8958-5A3B7FFC4CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1879799F-18B2-4958-AA90-FD19348C889F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "516476F9-7D4C-494F-99AA-750F4467CD15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:ptx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "654140A0-FEC0-4DB4-83BF-ECCB000DFA4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Service (DoS). This issue affects both IPv4 and IPv6 packet processing. Affected releases are Juniper Networks Junos OS on QFX and PTX Series: 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1; 18.2 versions prior to 18.2R1-S3, 18.2R2; 17.2X75 versions prior to 17.2X75-D91, 17.2X75-D100."
},
{
"lang": "es",
"value": "En las series QFX y PTX, la recepci\u00f3n de un paquete mal formado para el muestreo de J-Flow podr\u00eda provocar el cierre inesperado del proceso FPC (Flexible PIC Concentrator), que provoca que todas las interfaces se caigan. Mediante el env\u00edo continuo del paquete manipulado, un atacante puede cerrar repetidamente el proceso FPC, provocando una denegaci\u00f3n de servicio (DoS) prolongada. Este problema afecta al procesamiento de paquetes IPv4 y IPv6. Las versiones afectadas son Juniper Networks Junos OS en las series QFX y PTX: 17.4 en versiones anteriores a la 17.4R2-S1, 17.4R3; 18.1 en versiones anteriores a la 18.1R3-S1; 18.2 en versiones anteriores a la 18.2R1-S3, 18.2R2; 17.2X75 en versiones anteriores a la 17.2X75-D91, 17.2X75-D100."
}
],
"id": "CVE-2019-0014",
"lastModified": "2024-11-21T04:16:03.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-15T21:29:01.387",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106556"
},
{
"source": "sirt@juniper.net",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10914"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.