Vulnerability-Lookup

CVE-2019-0060 (GCVE-0-2019-0060)

Vulnerability from cvelistv5 – Published: 2019-10-09 19:26 – Updated: 2024-09-16 20:51

Title

Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets

Summary

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Denial of Service
CWE-755 - Improper Handling of Exceptional Conditions

Assigner

juniper

References

URL

	Vendor	Product	Version
	Juniper Networks	Junos OS	Affected: 15.1X49 , < 15.1X49-D171, 15.1X49-D180 (custom) Affected: 18.2R2-S1 , < 18.2* (custom) Affected: 18.4 , < 18.4R2 (custom)

GHSA-C5VR-66HV-6685

Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2022-05-24 16:58

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-0060"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-09T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.",
  "id": "GHSA-c5vr-66hv-6685",
  "modified": "2022-05-24T16:58:12Z",
  "published": "2022-05-24T16:58:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0060"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10959"
    },
    {
      "type": "WEB",
      "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2019-0060

Vulnerability from fkie_nvd - Published: 2019-10-09 20:15 - Updated: 2024-11-21 04:16

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
sirt@juniper.net	https://kb.juniper.net/JSA10959	Vendor Advisory
sirt@juniper.net	https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10959	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	junos	15.1x49
juniper	csrx	-
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx1500	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx300	-
juniper	srx320	-
juniper	srx340	-
juniper	srx3400	-
juniper	srx345	-
juniper	srx3600	-
juniper	srx4100	-
juniper	srx4200	-
juniper	srx4600	-
juniper	srx5400	-
juniper	srx550	-
juniper	srx550_hm	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-
juniper	vsrx	-
juniper	junos	18.2
juniper	junos	18.2
juniper	csrx	-
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx1500	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx300	-
juniper	srx320	-
juniper	srx340	-
juniper	srx3400	-
juniper	srx345	-
juniper	srx3600	-
juniper	srx4100	-
juniper	srx4200	-
juniper	srx4600	-
juniper	srx5400	-
juniper	srx550	-
juniper	srx550_hm	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-
juniper	vsrx	-
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	csrx	-
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx1500	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx300	-
juniper	srx320	-
juniper	srx340	-
juniper	srx3400	-
juniper	srx345	-
juniper	srx3600	-
juniper	srx4100	-
juniper	srx4200	-
juniper	srx4600	-
juniper	srx5400	-
juniper	srx550	-
juniper	srx550_hm	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-
juniper	vsrx	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
              "matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
              "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
              "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
              "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
              "matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
              "matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
              "matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
              "matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*",
              "matchCriteriaId": "080422D3-B508-4049-B558-4B04BF2E8AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
              "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
              "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
              "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
              "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
              "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
              "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
              "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
              "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
              "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
              "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
              "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series."
    },
    {
      "lang": "es",
      "value": "El proceso flowd, responsable de reenviar el tr\u00e1fico en las puertas de enlace de servicios de la Serie SRX, puede bloquearse y reiniciarse cuando se procesan paquetes IP de tr\u00e1nsito espec\u00edfico por medio de un t\u00fanel IPSec. El procesamiento continuo de estos paquetes puede resultar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) extendida. Este problema solo se presenta cuando los t\u00faneles IPSec est\u00e1n configurados. Los sistemas sin configuraciones de t\u00fanel IPSec no son vulnerables a este problema. Este problema afecta a Juniper Networks Junos OS: versiones 15.1X49 anteriores a 15.1X49-D171, 15.1X49-D180 en la serie SRX; versiones 18.2 hasta 18.2R2-S1 y posteriores, versiones anteriores a 18.2R3 en la serie SRX; versiones 18.4 anteriores a 18.4R2 en la serie SRX."
    }
  ],
  "id": "CVE-2019-0060",
  "lastModified": "2024-11-21T04:16:09.710",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-09T20:15:16.987",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10959"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2019-0060

Vulnerability from fstec - Published: 09.10.2019

Title

Уязвимость операционной системы Junos OS маршрутизаторов SRX Series, связанная с ошибками обработки IP-пакетов, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость операционной системы Junos OS маршрутизаторов SRX Series связана с ошибками обработки IP-пакетов, проходящих через IPsec-туннель. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Juniper Networks Inc.

Software Name

JunOS

Software Version

до 18.2R3 (JunOS), до 18.4R2 (JunOS), до 19.1R1 (JunOS), до 15.1X49-D171 (JunOS), до 15.1X49-D180 (JunOS)

Possible Mitigations

Использование рекомендаций: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10959&cat=SIRT_1&actp=LIST

Reference

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10959&cat=SIRT_1&actp=LIST

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Juniper Networks Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 18.2R3 (JunOS), \u0434\u043e 18.4R2 (JunOS), \u0434\u043e 19.1R1 (JunOS), \u0434\u043e 15.1X49-D171 (JunOS), \u0434\u043e 15.1X49-D180 (JunOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10959\u0026cat=SIRT_1\u0026actp=LIST",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.10.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.10.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-03659",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-0060",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "JunOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Juniper Networks Inc. JunOS \u0434\u043e 15.1X49-D180 Juniper SRX Series, Juniper Networks Inc. JunOS \u0434\u043e 15.1X49-D171 Juniper SRX Series, Juniper Networks Inc. JunOS \u0434\u043e 18.2R3 Juniper SRX Series, Juniper Networks Inc. JunOS \u0434\u043e 18.4R2 Juniper SRX Series, Juniper Networks Inc. JunOS \u0434\u043e 19.1R1 Juniper SRX Series",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Junos OS \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 SRX Series, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 IP-\u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Junos OS \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 SRX Series \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 IP-\u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043f\u0440\u043e\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0447\u0435\u0440\u0435\u0437 IPsec-\u0442\u0443\u043d\u043d\u0435\u043b\u044c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10959\u0026cat=SIRT_1\u0026actp=LIST",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CNVD-2019-41479

Vulnerability from cnvd - Published: 2019-11-19

Title

Juniper Networks Junos OS存在未明漏洞（CNVD-2019-41479）

Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS 15.1X49版本、18.2版本和18.4版本（运行在SRX Series）存在安全漏洞。攻击者可利用该漏洞造成拒绝服务。

Severity

中

Patch Name

Juniper Networks Junos OS存在未明漏洞（CNVD-2019-41479）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10959&actp=METADATA

Reference

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html

Impacted products

Name
['Juniper Networks Juniper Networks Junos OS 18.2', 'Juniper Networks Juniper Networks Junos OS 18.4', 'Juniper Networks Juniper Networks Junos OS X49']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-0060",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-0060"
    }
  },
  "description": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\n\nJuniper Networks Junos OS 15.1X49\u7248\u672c\u300118.2\u7248\u672c\u548c18.4\u7248\u672c\uff08\u8fd0\u884c\u5728SRX Series\uff09\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10959\u0026actp=METADATA",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-41479",
  "openTime": "2019-11-19",
  "patchDescription": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\r\n\r\nJuniper Networks Junos OS 15.1X49\u7248\u672c\u300118.2\u7248\u672c\u548c18.4\u7248\u672c\uff08\u8fd0\u884c\u5728SRX Series\uff09\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Networks Junos OS\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2019-41479\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Juniper Networks Juniper Networks Junos OS 18.2",
      "Juniper Networks Juniper Networks Junos OS 18.4",
      "Juniper Networks Juniper Networks Junos OS X49"
    ]
  },
  "referenceLink": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html",
  "serverity": "\u4e2d",
  "submitTime": "2019-11-14",
  "title": "Juniper Networks Junos OS\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2019-41479\uff09"
}

CERTFR-2019-AVI-500

Vulnerability from certfr_avis - Published: 2019-10-10 - Updated: 2019-10-10

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Produits NFX, Junos OS versions antérieures à 18.2R1, 18.2X75-D5
Produits CTP, CTPView versions antérieures à 7.3R6
Produits EX, Junos OS versions antérieures à 12.3R12-S15
Produits SRX
- Junos OS versions antérieures à 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, à partir de la version 18.2R2-S1 et antérieures à 18.2R3, 18.4R2, ainsi que les versions antérieures à 18.2R3, 19.2R1 pour la série SRX 5000
- Junos OS avec J-Web activé versions antérieures à 12.3X48-D85, 15.1X49-D180
- Junos OS avec SIP ALG activé versions antérieures à 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2
Produits MX
- Junos OS gamme MX480, MX960, MX2008, MX2010, MX2020 versions antérieures à 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ultérieures, versions antérieures à 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2
- Junos OS avec DHCPv6 activé versions antérieures à 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions antérieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R
Toutes séries
- Junos OS versions antérieures à 15.1F6-S12, 15.1R7-S2, 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2
- Junos OS avec J-Web activé versions antérieures à 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS sur des équipements avec l'option Multi-Chassis Link Aggregation Group (MC-LAG) activée, versions ultérieures à 15.1 et antérieures à 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

GSD-2019-0060

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-0060

Aliases

CVE-2019-0060

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-0060",
    "description": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.",
    "id": "GSD-2019-0060"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-0060"
      ],
      "details": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series.",
      "id": "GSD-2019-0060",
      "modified": "2023-12-13T01:23:39.484014Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
        "ID": "CVE-2019-0060",
        "STATE": "PUBLIC",
        "TITLE": "Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003c",
                          "version_name": "15.1X49",
                          "version_value": "15.1X49-D171, 15.1X49-D180"
                        },
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003e=",
                          "version_name": "18.2",
                          "version_value": "18.2R2-S1"
                        },
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003c",
                          "version_name": "18.2",
                          "version_value": "18.2R3"
                        },
                        {
                          "platform": "SRX Series",
                          "version_affected": "\u003c",
                          "version_name": "18.4",
                          "version_value": "18.4R2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "The following example shows a sample IPSec tunnel configuration:\n\n  [edit security ipsec]\n  security-association manual-sa1 {\n  ...\n  }\n\n  [edit interfaces es-0/1/0]\n  ...\n  family inet {\n    ipsec-sa manual-sa1;\n"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.8"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-755 Improper Handling of Exceptional Conditions"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA10959",
            "refsource": "MISC",
            "url": "https://kb.juniper.net/JSA10959"
          },
          {
            "name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html",
            "refsource": "MISC",
            "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "The following software releases have been updated to resolve this specific issue: 15.1X49-D171, 15.1X49-D180, 18.2R3, 18.4R2, 19.1R1, and all subsequent releases.\n"
        }
      ],
      "source": {
        "advisory": "JSA10959",
        "defect": [
          "1409277"
        ],
        "discovery": "USER"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "There are no viable workarounds for this issue."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2019-0060"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-755"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html"
            },
            {
              "name": "https://kb.juniper.net/JSA10959",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10959"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-02-05T16:49Z",
      "publishedDate": "2019-10-09T20:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-0060 (GCVE-0-2019-0060)

GHSA-C5VR-66HV-6685

FKIE_CVE-2019-0060

CVE-2019-0060

CNVD-2019-41479

CERTFR-2019-AVI-500

Solution

GSD-2019-0060

Tags

Sightings

Nomenclature