CVE-2019-0003
5.9
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.2 / Impact: 3.6
Source: NVD
Description
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1 versions prior to 15.1R3; 15.1F versions prior to 15.1F3; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400.
Affected (90)
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 14.1x53 |
| Running on/with | Platform Versions |
|---|---|
Juniper Ex2200/vc | All versions |
Juniper Ex3200 | All versions |
Juniper Ex3300/vc | All versions |
Juniper Ex4200 | All versions |
Juniper Ex4300 | All versions |
Juniper Ex4550/vc | All versions |
Juniper Ex4600 | All versions |
Juniper Ex6200 | All versions |
Juniper Ex8200/vc (xre) | All versions |
Juniper Qfx3500 | All versions |
Juniper Qfx3600 | All versions |
Juniper Qfx5100 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 15.1x49 d100 |
| Running on/with | Platform Versions |
|---|---|
Juniper Srx100 | All versions |
Juniper Srx110 | All versions |
Juniper Srx1400 | All versions |
Juniper Srx1500 | All versions |
Juniper Srx210 | All versions |
Juniper Srx220 | All versions |
Juniper Srx240 | All versions |
Juniper Srx300 | All versions |
Juniper Srx320 | All versions |
Juniper Srx340 | All versions |
Juniper Srx3400 | All versions |
Juniper Srx345 | All versions |
Juniper Srx3600 | All versions |
Juniper Srx4100 | All versions |
Juniper Srx4200 | All versions |
Juniper Srx5400 | All versions |
Juniper Srx550 | All versions |
Juniper Srx5600 | All versions |
Juniper Srx5800 | All versions |
Juniper Srx650 | All versions |
References (4)
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Timeline
No history available yet.