CVE-2018-0034
5.9
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.2 / Impact: 3.6
Source: NVD
Description
A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for DHCP processing using the JDHCPD daemon. This issue does not affect IPv4 DHCP packet processing. Affected releases are Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S10 on EX Series; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200; 15.1X53 versions prior to 15.1X53-D471 on NFX 150, NFX 250; 16.1 versions prior to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.2 versions prior to 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S3, 17.4R2.
Affected (130)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.3 |
| Running on/with | Platform Versions |
|---|---|
Juniper Ex2200 | All versions |
Juniper Ex2200 C | All versions |
Juniper Ex2200 Vc | All versions |
Juniper Ex3300 | All versions |
Juniper Ex3300 Vc | All versions |
Juniper Ex4200 Vc | All versions |
Juniper Ex4500 | All versions |
Juniper Ex4500 Vc | All versions |
Juniper Ex4550 | All versions |
Juniper Ex4550 Vc | All versions |
Juniper Ex8200 | All versions |
Juniper Ex8200 Vc | All versions |
Juniper Ex9200 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.3x48 |
| Running on/with | Platform Versions |
|---|---|
Juniper Srx100 | All versions |
Juniper Srx110 | All versions |
Juniper Srx1400 | All versions |
Juniper Srx210 | All versions |
Juniper Srx220 | All versions |
Juniper Srx240 | All versions |
Juniper Srx3400 | All versions |
Juniper Srx3600 | All versions |
Juniper Srx550 | All versions |
Juniper Srx650 | All versions |
Configuration C
| Running on/with | Platform Versions |
|---|---|
Juniper Ex2200/vc | All versions |
Juniper Ex3200 | All versions |
Juniper Ex3300/vc | All versions |
Juniper Ex4200 | All versions |
Juniper Ex4300 | All versions |
Juniper Ex4550/vc | All versions |
Juniper Ex4600 | All versions |
Juniper Ex6200 | All versions |
Juniper Ex8200/vc (xre) | All versions |
Juniper Qfx3500 | All versions |
Juniper Qfx3600 | All versions |
Juniper Qfx5100 | All versions |
Configuration D
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 15.1x49 |
| Running on/with | Platform Versions |
|---|---|
Juniper Srx1500 | All versions |
Juniper Srx300 | All versions |
Juniper Srx320 | All versions |
Juniper Srx340 | All versions |
Juniper Srx345 | All versions |
Juniper Srx4100 | All versions |
Juniper Srx4200 | All versions |
Juniper Srx5400 | All versions |
Juniper Srx550 Hm | All versions |
Juniper Srx5600 | All versions |
Juniper Srx5800 | All versions |
Configuration G
| Running on/with | Platform Versions |
|---|---|
Juniper Qfx10002 | All versions |
Juniper Qfx10008 | All versions |
Juniper Qfx10016 | All versions |
Configuration H
| Running on/with | Platform Versions |
|---|---|
Juniper Qfx5110 | All versions |
Juniper Qfx5200 | All versions |
Configuration I
References (6)
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.