CVE-2019-0059

Published: Oct 9, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A memory leak vulnerability in the of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific commands from a peered BGP host and having those BGP states delivered to the vulnerable device. This issue affects: Juniper Networks Junos OS: 18.1 versions prior to 18.1R2-S4, 18.1R3-S1; 18.1X75 all versions. Versions before 18.1R1 are not affected.

Affected (6)

Products: Juniper: Junos

Juniper

1 product

Junos

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos	Version 18.1 r2-s1
Juniper Junos	Version 18.1 r2-s2
Juniper Junos	Version 18.1 r2
Juniper Junos	Version 18.1 r3
Juniper Junos	Version 18.1x75
Juniper Junos	Version 18.1x75 d10

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CWE-401

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (2)

https://kb.juniper.net/JSA10957

Source: sirt@juniper.net

Vendor Advisory

https://kb.juniper.net/JSA10957

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.