CVE-2019-0014
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Service (DoS). This issue affects both IPv4 and IPv6 packet processing. Affected releases are Juniper Networks Junos OS on QFX and PTX Series: 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1; 18.2 versions prior to 18.2R1-S3, 18.2R2; 17.2X75 versions prior to 17.2X75-D91, 17.2X75-D100.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 17.2x75 d102 |
| Running on/with | Platform Versions |
|---|---|
Juniper Ptx1000 | All versions |
Juniper Ptx10002 | All versions |
Juniper Ptx10008 | All versions |
Juniper Ptx10016 | All versions |
Juniper Ptx3000 | All versions |
Juniper Ptx5000 | All versions |
Juniper Qfx10002 | All versions |
Juniper Qfx10008 | All versions |
Juniper Qfx10016 | All versions |
Juniper Qfx3500 | All versions |
Juniper Qfx3600 | All versions |
Juniper Qfx5100 | All versions |
Juniper Qfx5110 | All versions |
Juniper Qfx5120 | All versions |
Juniper Qfx5200 | All versions |
Juniper Qfx5210 | All versions |
Related CWEs
References (4)
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationPatchVendor Advisory
Timeline
No history available yet.