Vulnerability-Lookup

CVE-2019-0006 (GCVE-0-2019-0006)

Vulnerability from cvelistv5 – Published: 2019-01-15 21:00 – Updated: 2024-09-16 19:24

Title

Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration

Summary

A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-908 - Use of Uninitialized Resource

Assigner

juniper

References

URL

CVE-2019-0006

Vulnerability from fstec - Published: 09.01.2019

Title

Уязвимость операционной системы JunOS, позволяющая нарушителю выполнить произвольный код и вызвать отказ в обслуживании

Description

Уязвимость операционной системы JunOS вызвана неинициализированной привязкой указателя функции в Packet Forwarding Engine manager (fxpc). Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код и вызвать отказ в обслуживании с помощью специально сформированного HTTP-пакета

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Juniper Networks Inc.

Software Name

JunOS

Software Version

от 14.1X53 до 14.1X53-D47 (JunOS), от 15.1 до 15.1R7-S3 (JunOS), от 15.1X53 до 15.1X53-D50 (JunOS)

Possible Mitigations

Использование рекомендаций: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10906&cat=SIRT_1&actp=LIST

Reference

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10906&cat=SIRT_1&actp=LIST https://nvd.nist.gov/vuln/detail/CVE-2019-0006

CWE

CWE-908

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Juniper Networks Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 14.1X53 \u0434\u043e 14.1X53-D47 (JunOS), \u043e\u0442 15.1 \u0434\u043e 15.1R7-S3 (JunOS), \u043e\u0442 15.1X53 \u0434\u043e 15.1X53-D50 (JunOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439: \nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.01.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "23.01.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-00249",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-0006",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "JunOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b JunOS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (CWE-908)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b JunOS \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0440\u0438\u0432\u044f\u0437\u043a\u043e\u0439 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0432 Packet Forwarding Engine manager (fxpc). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e HTTP-\u043f\u0430\u043a\u0435\u0442\u0430",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-0006",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-908",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CERTFR-2019-AVI-014

Vulnerability from certfr_avis - Published: 2019-01-10 - Updated: 2019-01-10

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Centreon	Web	SRC Series Application Server et Web Administrator versions antérieures à 4.12.0-R1
Juniper Networks	Junos OS	Junos OS versions 15.1 sur vMX Series
Juniper Networks	Junos OS	Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series
Juniper Networks	Junos OS	Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms
Juniper Networks	Junos OS	Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75
N/A	N/A	Juniper ATP
Juniper Networks	Junos OS	Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series
Juniper Networks	Junos OS	Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series
Juniper Networks	Junos OS	Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series
Juniper Networks	Junos Space	Junos Space
Juniper Networks	Junos OS	Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series
Juniper Networks	Junos OS	Tous produits et toutes plateformes exécutant Junos OS
Juniper Networks	Junos OS	Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series

References

Title

Publication Time

GHSA-8768-G4FM-CCGH

Vulnerability from github – Published: 2022-05-13 01:05 – Updated: 2022-05-13 01:05

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-0006"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-15T21:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.",
  "id": "GHSA-8768-g4fm-ccgh",
  "modified": "2022-05-13T01:05:26Z",
  "published": "2022-05-13T01:05:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0006"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA10906"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106666"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2019-0006

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-0006

Aliases

CVE-2019-0006

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-0006",
    "description": "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.",
    "id": "GSD-2019-0006"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-0006"
      ],
      "details": "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms.",
      "id": "GSD-2019-0006",
      "modified": "2023-12-13T01:23:38.970643Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
        "ID": "CVE-2019-0006",
        "STATE": "PUBLIC",
        "TITLE": "Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration "
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "platform": "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms",
                          "version_name": "14.1X53",
                          "version_value": "14.1X53-D47"
                        },
                        {
                          "affected": "\u003c",
                          "platform": "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms, MX Virtual Chassis Platforms",
                          "version_name": "15.1",
                          "version_value": "15.1R7-S3"
                        },
                        {
                          "affected": "\u003c",
                          "platform": "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms",
                          "version_name": "15.1X53",
                          "version_value": "15.1X53-D50"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability. This issue was seen in a production network where a routine security scan was performed on the device."
        }
      ],
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-908: Use of Uninitialized Resource"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "106666",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/106666"
          },
          {
            "name": "https://kb.juniper.net/JSA10906",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA10906"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "The following Junos OS releases have been updated to resolve this specific issue: 14.1X53-D47, 15.1R7-S3, 16.1R1 and all subsequent releases.\n"
        }
      ],
      "source": {
        "advisory": "JSA10906",
        "defect": [
          "1351411",
          "1166070"
        ],
        "discovery": "USER"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "There are no viable workarounds for this issue."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:14.1x53:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2019-0006"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-908"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10906",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA10906"
            },
            {
              "name": "106666",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/106666"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-10-28T12:48Z",
      "publishedDate": "2019-01-15T21:29Z"
    }
  }
}

FKIE_CVE-2019-0006

Vulnerability from fkie_nvd - Published: 2019-01-15 21:29 - Updated: 2024-11-21 04:16

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
sirt@juniper.net	http://www.securityfocus.com/bid/106666	Third Party Advisory, VDB Entry
sirt@juniper.net	https://kb.juniper.net/JSA10906	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/106666	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA10906	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	junos	14.1x53
juniper	ex2200	-
juniper	ex2200-c	-
juniper	ex2300	-
juniper	ex2300-c	-
juniper	ex3300	-
juniper	ex3400	-
juniper	ex4200	-
juniper	ex4300	-
juniper	ex4500	-
juniper	ex4550	-
juniper	ex4600	-
juniper	ex4650	-
juniper	ex6210	-
juniper	ex8208	-
juniper	ex8216	-
juniper	ex9204	-
juniper	ex9208	-
juniper	ex9214	-
juniper	ex9251	-
juniper	ex9253	-
juniper	qfx10002	-
juniper	qfx10008	-
juniper	qfx10016	-
juniper	qfx3500	-
juniper	qfx3600	-
juniper	qfx5100	-
juniper	qfx5110	-
juniper	qfx5120	-
juniper	qfx5200	-
juniper	qfx5210	-
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	junos	15.1x53
juniper	ex2200	-
juniper	ex2200-c	-
juniper	ex2300	-
juniper	ex2300-c	-
juniper	ex3300	-
juniper	ex3400	-
juniper	ex4200	-
juniper	ex4300	-
juniper	ex4500	-
juniper	ex4550	-
juniper	ex4600	-
juniper	ex4650	-
juniper	ex6210	-
juniper	ex8208	-
juniper	ex8216	-
juniper	ex9204	-
juniper	ex9208	-
juniper	ex9214	-
juniper	ex9251	-
juniper	ex9253	-
juniper	qfx10002	-
juniper	qfx10008	-
juniper	qfx10016	-
juniper	qfx3500	-
juniper	qfx3600	-
juniper	qfx5100	-
juniper	qfx5110	-
juniper	qfx5120	-
juniper	qfx5200	-
juniper	qfx5210	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7FCCC1-B151-465A-8327-26DB5DC074F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d10:*:*:*:*:*:*",
              "matchCriteriaId": "09771B8F-8B2A-4E8B-B4D3-80677697FCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d15:*:*:*:*:*:*",
              "matchCriteriaId": "55E2F909-E1CC-45AA-ABA9-58178B751808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d16:*:*:*:*:*:*",
              "matchCriteriaId": "E1AA12C5-4520-4F79-80BE-66112F7AFC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d25:*:*:*:*:*:*",
              "matchCriteriaId": "807C8110-5CC2-45F0-B094-BBF9C0B63BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d26:*:*:*:*:*:*",
              "matchCriteriaId": "547E5737-D385-49B9-A69F-A3B185A34116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d27:*:*:*:*:*:*",
              "matchCriteriaId": "2ED257ED-A56B-48A6-8568-65F36FFFC753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "74500FC7-EE82-4AA8-9A5F-15DE4835E337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d35:*:*:*:*:*:*",
              "matchCriteriaId": "AAE14AE1-6756-4831-A8D5-A6D07DB24AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d40:*:*:*:*:*:*",
              "matchCriteriaId": "A545D686-25FD-47CD-838A-CF69FB707253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d45:*:*:*:*:*:*",
              "matchCriteriaId": "EB013C0D-893D-4A71-AF86-B63DB4464784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:d46:*:*:*:*:*:*",
              "matchCriteriaId": "9A3CB6CF-A22B-43F8-8E92-6268BBF7E644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:14.1x53:r1:*:*:*:*:*:*",
              "matchCriteriaId": "F976AE31-75F6-4A52-A8F0-DCDDF62BBEEB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE3D4F71-8476-4F0D-A976-A308D6483D6D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7BD5636-93D5-4C06-964F-00055DF6B2B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "979C3597-C53B-4F4B-9EA7-126DA036C86D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FF88C7-89CB-4E04-BADA-AD64F8060C6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72E67A5A-0DFF-42D9-81A7-570E9BCA463D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B51C5371-51E9-40AE-8619-BC1267DD1D08",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8790B456-DFC7-4E82-9A0C-C89787139B79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "079290E9-DCC5-43F7-9480-64874DBF2696",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
              "matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
              "matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
              "matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
              "matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
              "matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
              "matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
              "matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
              "matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x53:d50:*:*:*:*:*:*",
              "matchCriteriaId": "D58997E6-96B4-4930-A29D-B49D06DFA9D5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex2200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE3D4F71-8476-4F0D-A976-A308D6483D6D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex2200-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7BD5636-93D5-4C06-964F-00055DF6B2B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex2300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B3302CB-457F-4BD2-B80B-F70FB4C4542E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex2300-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "979C3597-C53B-4F4B-9EA7-126DA036C86D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC326549-217D-4194-8310-AB398D6FF3F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DAF5E7-E610-4D74-8573-41C16D642837",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53269C69-3D1E-4F05-8EF6-81743D7A699E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E594D6DC-87F6-40D2-8268-ED6021462168",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDEE8AE4-B393-442C-AD68-4AC43E76A8F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7E98077-92AF-4E3E-96F0-2E6F9D6343D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex6210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FF88C7-89CB-4E04-BADA-AD64F8060C6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex8208:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72E67A5A-0DFF-42D9-81A7-570E9BCA463D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex8216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B51C5371-51E9-40AE-8619-BC1267DD1D08",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E82CE3-F43D-4B29-A64D-B14ADB6CC357",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C0199E-B9F0-41D3-B625-083990517CDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8790B456-DFC7-4E82-9A0C-C89787139B79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9251:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "079290E9-DCC5-43F7-9480-64874DBF2696",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex9253:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA71434-CCBF-4A55-8B30-D213A43E8641",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1401145-D8EC-4DB9-9CDE-9DE6C0D000C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx10008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1453E42A-77B3-4922-8EC3-1A5668C39550",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx10016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26408465-BD6A-4416-B98E-691A5F651080",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A336BD3-4AB0-4E9E-8AD5-E6413A5A53FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F4D44B0-E6CE-4380-8712-AC832DBCB424",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms."
    },
    {
      "lang": "es",
      "value": "Cierto paquete HTTP manipulado puede desencadenar una vulnerabilidad de desreferencia de puntero de funci\u00f3n no inicializada en el gestor Packet Forwarding Engine (fxpc) en todos los dispositivos de las series EX, QFX y MX en una configuraci\u00f3n de Virtual Chassis. Este problema puede resultar en el cierre inesperado del demonio fxpc o a la ejecuci\u00f3n remota de c\u00f3digo. Este problema solo ocurre cuando el paquete manipulado est\u00e1 destinado al dispositivo. Las versiones afectadas son Juniper Networks Junos OS: 14.1X53 en versiones anteriores a la 14.1X53-D47 en las plataformas Virtual Chassis EX y QFX; 15.1 en versiones anteriores a la 15.1R7-S3 en todas las plataformas Virtual Chassis; 15.1X53 en versiones anteriores a la 15.1X53-D50 en las plataformas Virtual Chassis EX y QFX."
    }
  ],
  "id": "CVE-2019-0006",
  "lastModified": "2024-11-21T04:16:01.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-01-15T21:29:01.027",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106666"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10906"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA10906"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-908"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-908"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-0006 (GCVE-0-2019-0006)

CVE-2019-0006

CERTFR-2019-AVI-014

Solution

GHSA-8768-G4FM-CCGH

GSD-2019-0006

FKIE_CVE-2019-0006

Tags

Sightings

Nomenclature