Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-0066 (GCVE-0-2019-0066)
Vulnerability from cvelistv5 – Published: 2019-10-09 19:26 – Updated: 2024-09-16 22:15
VLAI?
EPSS
Title
Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core
Summary
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.
Severity ?
7.5 (High)
CWE
- CWE-394 - Unexpected Status Code or Return Value
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
15.1 , < 15.1F6-S12, 15.1R7-S2
(custom)
Affected: 16.1 , < 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2 (custom) Affected: 16.2 , < 16.2R2-S7 (custom) Affected: 17.1 , < 17.1R2-S9, 17.1R3 (custom) Affected: 17.2 , < 17.2R1-S7, 17.2R2-S6, 17.2R3 (custom) Affected: 17.3 , < 17.3R2-S4, 17.3R3 (custom) Affected: 15.1X53 , < 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590 (custom) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:37:07.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1F6-S12, 15.1R7-S2",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2",
"status": "affected",
"version": "16.1",
"versionType": "custom"
},
{
"lessThan": "16.2R2-S7",
"status": "affected",
"version": "16.2",
"versionType": "custom"
},
{
"lessThan": "17.1R2-S9, 17.1R3",
"status": "affected",
"version": "17.1",
"versionType": "custom"
},
{
"lessThan": "17.2R1-S7, 17.2R2-S6, 17.2R3",
"status": "affected",
"version": "17.2",
"versionType": "custom"
},
{
"lessThan": "17.3R2-S4, 17.3R3",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590",
"status": "affected",
"version": "15.1X53",
"versionType": "custom"
}
]
},
{
"platforms": [
"SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1X49-D150",
"status": "affected",
"version": "15.1X49",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-394",
"description": "CWE-394 Unexpected Status Code or Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T19:26:17.000Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1F6-S12, 15.1R7-S2, 15.1X49-D150, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R2-S9, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10965",
"defect": [
"1309982"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core",
"workarounds": [
{
"lang": "en",
"value": "Discontinue use of BGP services if not needed. Otherwise, there are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0066",
"STATE": "PUBLIC",
"TITLE": "Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1F6-S12, 15.1R7-S2"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D150"
},
{
"version_affected": "\u003c",
"version_name": "16.1",
"version_value": "16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2"
},
{
"version_affected": "\u003c",
"version_name": "16.2",
"version_value": "16.2R2-S7"
},
{
"version_affected": "\u003c",
"version_name": "17.1",
"version_value": "17.1R2-S9, 17.1R3"
},
{
"version_affected": "\u003c",
"version_name": "17.2",
"version_value": "17.2R1-S7, 17.2R2-S6, 17.2R3"
},
{
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R2-S4, 17.3R3"
},
{
"version_affected": "\u003c",
"version_name": "15.1X53",
"version_value": "15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-394 Unexpected Status Code or Return Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10965",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10965"
},
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html",
"refsource": "MISC",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 15.1F6-S12, 15.1R7-S2, 15.1X49-D150, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R2-S9, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10965",
"defect": [
"1309982"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Discontinue use of BGP services if not needed. Otherwise, there are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2019-0066",
"datePublished": "2019-10-09T19:26:17.824Z",
"dateReserved": "2018-10-11T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:15:50.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CNVD-2019-41477
Vulnerability from cnvd - Published: 2019-11-19
VLAI Severity ?
Title
Juniper Networks Junos OS输入验证错误漏洞(CNVD-2019-41477)
Description
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。
Juniper Networks Junos OS中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞接收格式错误的数据包将导致持续的拒绝服务状况。
Severity
低
Patch Name
Juniper Networks Junos OS输入验证错误漏洞(CNVD-2019-41477)的补丁
Patch Description
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。
Juniper Networks Junos OS中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞接收格式错误的数据包将导致持续的拒绝服务状况。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10965&actp=METADATA
Reference
https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html
Impacted products
| Name | ['Juniper Networks Juniper Networks Junos OS 15.1', 'Juniper Networks Juniper Networks Junos OS 16.2', 'Juniper Networks Juniper Networks Junos OS 17.1', 'Juniper Networks Juniper Networks Junos OS 17.2', 'Juniper Networks Juniper Networks Junos OS 17.3', 'Juniper Networks Juniper Networks Junos OS 16.1', 'Juniper Networks Juniper Networks Junos OS X53', 'Juniper Networks Juniper Networks Junos OS X49'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-0066",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-0066"
}
},
"description": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\n\nJuniper Networks Junos OS\u4e2d\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63a5\u6536\u683c\u5f0f\u9519\u8bef\u7684\u6570\u636e\u5305\u5c06\u5bfc\u81f4\u6301\u7eed\u7684\u62d2\u7edd\u670d\u52a1\u72b6\u51b5\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10965\u0026actp=METADATA",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-41477",
"openTime": "2019-11-19",
"patchDescription": "Juniper Networks Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u8bbe\u5907\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\r\n\r\nJuniper Networks Junos OS\u4e2d\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63a5\u6536\u683c\u5f0f\u9519\u8bef\u7684\u6570\u636e\u5305\u5c06\u5bfc\u81f4\u6301\u7eed\u7684\u62d2\u7edd\u670d\u52a1\u72b6\u51b5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Juniper Networks Junos OS\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2019-41477\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Juniper Networks Juniper Networks Junos OS 15.1",
"Juniper Networks Juniper Networks Junos OS 16.2",
"Juniper Networks Juniper Networks Junos OS 17.1",
"Juniper Networks Juniper Networks Junos OS 17.2",
"Juniper Networks Juniper Networks Junos OS 17.3",
"Juniper Networks Juniper Networks Junos OS 16.1",
"Juniper Networks Juniper Networks Junos OS X53",
"Juniper Networks Juniper Networks Junos OS X49"
]
},
"referenceLink": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html",
"serverity": "\u4f4e",
"submitTime": "2019-11-14",
"title": "Juniper Networks Junos OS\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2019-41477\uff09"
}
GHSA-52P2-4WQ3-XF8G
Vulnerability from github – Published: 2022-05-24 16:58 – Updated: 2022-05-24 16:58
VLAI?
Details
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.
{
"affected": [],
"aliases": [
"CVE-2019-0066"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-09T20:15:00Z",
"severity": "HIGH"
},
"details": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.",
"id": "GHSA-52p2-4wq3-xf8g",
"modified": "2022-05-24T16:58:13Z",
"published": "2022-05-24T16:58:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0066"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA10965"
},
{
"type": "WEB",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
CVE-2019-0066
Vulnerability from fstec - Published: 09.10.2019
VLAI Severity ?
Title
Уязвимость службы Next-Generation Multicast VPN (NG-mVPN) операционной системы Junos OS, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость службы Next-Generation Multicast VPN (NG-mVPN) операционной системы Junos OS связана с отсутствием проверки возвращаемых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании путем отправки специально сформированных IPv4-пакетов
Severity ?
Vendor
Juniper Networks Inc.
Software Name
JunOS
Software Version
до 15.1F6-S12 (JunOS), до 16.1R3-S10 (JunOS), до 16.1R6-S6 (JunOS), до 17.1R3 (JunOS), до 17.3R3 (JunOS), до 15.1R7-S2 (JunOS), до 15.1X49-D150 (JunOS), до 15.1X53-D68 (JunOS), до 15.1X53-D235 (JunOS), до 15.1X53-D495 (JunOS), до 15.1X53-D590 (JunOS), до 16.1R4-S12 (JunOS), до 16.1R7-S2 (JunOS), до 16.2R2-S7 (JunOS), до 17.1R2-S9 (JunOS), до 17.2R1-S7 (JunOS), до 17.2R2-S6 (JunOS), до 17.2R3 (JunOS), до 17.3R2-S4 (JunOS)
Possible Mitigations
Использование рекомендаций:
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10965&actp=METADATA
Reference
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10965&actp=METADATA
CWE
CWE-252
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Juniper Networks Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 15.1F6-S12 (JunOS), \u0434\u043e 16.1R3-S10 (JunOS), \u0434\u043e 16.1R6-S6 (JunOS), \u0434\u043e 17.1R3 (JunOS), \u0434\u043e 17.3R3 (JunOS), \u0434\u043e 15.1R7-S2 (JunOS), \u0434\u043e 15.1X49-D150 (JunOS), \u0434\u043e 15.1X53-D68 (JunOS), \u0434\u043e 15.1X53-D235 (JunOS), \u0434\u043e 15.1X53-D495 (JunOS), \u0434\u043e 15.1X53-D590 (JunOS), \u0434\u043e 16.1R4-S12 (JunOS), \u0434\u043e 16.1R7-S2 (JunOS), \u0434\u043e 16.2R2-S7 (JunOS), \u0434\u043e 17.1R2-S9 (JunOS), \u0434\u043e 17.2R1-S7 (JunOS), \u0434\u043e 17.2R2-S6 (JunOS), \u0434\u043e 17.2R3 (JunOS), \u0434\u043e 17.3R2-S4 (JunOS)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10965\u0026actp=METADATA",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.10.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.10.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-03666",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-0066",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "JunOS",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Juniper Networks Inc. JunOS \u0434\u043e 15.1X49-D150 Juniper SRX Series, Juniper Networks Inc. JunOS - ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b Next-Generation Multicast VPN (NG-mVPN) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Junos OS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0435 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u043c\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 (CWE-252)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b Next-Generation Multicast VPN (NG-mVPN) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Junos OS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 IPv4-\u043f\u0430\u043a\u0435\u0442\u043e\u0432",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10965\u0026actp=METADATA",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-252",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
FKIE_CVE-2019-0066
Vulnerability from fkie_nvd - Published: 2019-10-09 20:15 - Updated: 2024-11-21 04:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*",
"matchCriteriaId": "83AB8877-3DC0-4B8C-B864-1BF18C368337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
"matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
"matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
"matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*",
"matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
"matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
"matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
"matchCriteriaId": "2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
"matchCriteriaId": "71D211B9-B2FE-4324-AAEE-8825D5238E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:f6-s3:*:*:*:*:*:*",
"matchCriteriaId": "CA0D028E-0B07-4CB2-863A-527806B9917C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "D0D3EA8F-4D30-4383-AF2F-0FB6D822D0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "0E6CD065-EC06-4846-BD2A-D3CA7866070F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "C7620D01-1A6B-490F-857E-0D803E0AEE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "4A1545CE-279F-4EE2-8913-8F3B2FAFE7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r4-s9:*:*:*:*:*:*",
"matchCriteriaId": "F8CD62D3-0894-426E-80A8-CEBCBD49810F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "08FC0245-A4FF-42C0-A236-8569301E351A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "120EA9E3-788B-4CFD-A74F-17111FFD0131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r6-s6:*:*:*:*:*:*",
"matchCriteriaId": "C8257676-7AA7-4B39-A8F8-685843D0685B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1:r7-s1:*:*:*:*:*:*",
"matchCriteriaId": "33A3ECF9-AA4D-41F9-8441-1EB5F1DB882E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
"matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
"matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
"matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11D4A86D-BDB4-4A01-96FE-7E023C58074B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
"matchCriteriaId": "1E3B807C-196D-42B8-9042-7582A1366772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
"matchCriteriaId": "83FEEE8F-9279-46F2-BAF9-A60537020C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
"matchCriteriaId": "BBD36C0D-0F44-4349-968D-4CD60F281D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*",
"matchCriteriaId": "3E364FE2-5FB1-4E14-8DF5-CA21F4BFBBC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*",
"matchCriteriaId": "7F22C4C2-20E0-428F-A9BF-37E8BD63A9E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*",
"matchCriteriaId": "71334963-7BF1-49DB-84E6-D6F2A927458B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d233:*:*:*:*:*:*",
"matchCriteriaId": "E773AA7F-AB97-488A-B73D-682FB5553B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d234:*:*:*:*:*:*",
"matchCriteriaId": "E9196882-FE7B-489A-81AC-55355864DA93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d235:*:*:*:*:*:*",
"matchCriteriaId": "93CCFF32-D589-4E84-9A08-D667B14B0B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d236:*:*:*:*:*:*",
"matchCriteriaId": "F218BBE0-8F18-4A8E-8C95-8249B6776958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d237:*:*:*:*:*:*",
"matchCriteriaId": "E56F9D8C-27AA-43EC-9043-7A480265CE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*",
"matchCriteriaId": "1DD0B95A-7C9F-4A18-9CD8-BA344DEFC9D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
"matchCriteriaId": "1F294E43-73FA-4EF3-90F2-EE29C56D6573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d31:*:*:*:*:*:*",
"matchCriteriaId": "6F3ED4F6-483F-41DC-BBCF-3605641ACAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
"matchCriteriaId": "EDDE1048-BFEA-4A3E-8270-27C538A68837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
"matchCriteriaId": "CC517CD0-FF35-498F-AD33-683B43CA3829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
"matchCriteriaId": "53F7E1C5-BFA9-426C-9F95-3EA5DB458C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*",
"matchCriteriaId": "C2B5ED13-F998-447C-8FEA-047FE9FE2F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*",
"matchCriteriaId": "65F3CD2A-D5E1-4EFF-9013-6D81B396F765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d470:*:*:*:*:*:*",
"matchCriteriaId": "AE20A296-0B0D-47B6-8F63-3B664D0F549C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d495:*:*:*:*:*:*",
"matchCriteriaId": "723FD85C-C763-4017-B6BF-0CA707997D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*",
"matchCriteriaId": "3978B35D-5745-47BC-A56F-A0678AB0F3E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d59:*:*:*:*:*:*",
"matchCriteriaId": "92E31AF0-83EB-4570-A6DE-4308BE0D3A43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
"matchCriteriaId": "962CCED8-E321-4878-9BE6-0DC33778559A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
"matchCriteriaId": "2B08B97A-5D4D-405B-A1C4-9E327E4EED35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
"matchCriteriaId": "738C1061-E8B8-4924-AFE9-5E59F22CA4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
"matchCriteriaId": "9071DC8C-D0AA-448E-82BF-7C801199193F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*",
"matchCriteriaId": "395CC50B-9042-4B12-9A1C-A8D5D571DC25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
"matchCriteriaId": "F0396190-54A5-4F11-8530-B5EC7BCBC85A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d66:*:*:*:*:*:*",
"matchCriteriaId": "E56CF063-0CB3-4BD6-978B-B9D7C0C8C4AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d69:*:*:*:*:*:*",
"matchCriteriaId": "7DEF14A2-388F-413F-BBB4-39548BDF1E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*",
"matchCriteriaId": "88BAA95F-7CA2-46A0-8F60-588941AF3E44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:-:*:*:*:*:*:*",
"matchCriteriaId": "258A380C-1EA0-407D-B7E3-4A2E8820119C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "BBE35BDC-7739-4854-8BB8-E8600603DE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "2DC47132-9EEA-4518-8F86-5CD231FBFB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "CD5A30CE-9498-4007-8E66-FD0CC6CF1836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "6D3E38C1-808C-4BD3-993D-F30855F5390F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "72194CB7-FFDC-4897-9D6E-EA3459DDDEB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r5-s4:*:*:*:*:*:*",
"matchCriteriaId": "C88635DB-09B1-4DA1-8FC3-2F7A7E42819C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "92F35C19-5AD2-4F98-8313-2E880714DF3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r6-s1:*:*:*:*:*:*",
"matchCriteriaId": "DF5A9D31-ED7D-4390-B46D-7E46089DB932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "6B4A4960-0241-4BF4-8857-8B7BE33466B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:-:*:*:*:*:*:*",
"matchCriteriaId": "9677CE18-B955-432F-BA2B-AAE3D0CA0F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3661BC68-6F32-447F-8D20-FD73FBBED9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "5B6097D4-3856-4696-9A26-5B6C0FD9AD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "84DD80BF-BF7E-447B-AA74-00B3D8036E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "57B89EEB-222D-46AA-BC8F-4EE7E17BA7B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "ECAE613D-1317-4D2E-8A61-980CD5DEAED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:16.2:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "BAB2D63C-C966-42CA-85A9-09820D00A2D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CC9B5CDE-3A50-4CD3-962A-FA0989939F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "7572C187-4D58-4E0D-A605-B2B13EFF5C6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4E0D42C4-9B4D-44F9-BC84-E7994404598B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "DE2C20D8-3C73-4B87-BA41-DBFBCA5FBA58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "54D887B4-D2F4-4537-8298-B98D01396F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s4:*:*:*:*:*:*",
"matchCriteriaId": "1C1B5AE6-A323-4744-BCA1-25E46D2D27BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s5:*:*:*:*:*:*",
"matchCriteriaId": "0AB39E2F-0D67-4FA6-84B8-36684E971002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s6:*:*:*:*:*:*",
"matchCriteriaId": "A32C3702-48DE-47CF-B0D1-3A629676AD03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s7:*:*:*:*:*:*",
"matchCriteriaId": "B9695B3E-FCDA-4DF0-B714-8B4F87AA647D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.1:r2-s8:*:*:*:*:*:*",
"matchCriteriaId": "36214C23-82C8-4A3E-9FF8-04F85FF8B2B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*",
"matchCriteriaId": "BCEE8D9C-6D64-4A9B-A74A-57A0BF4086C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "595987A6-D8CE-41ED-B51C-EF9CD3B47AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r1-s4:*:*:*:*:*:*",
"matchCriteriaId": "CFA3526C-FF53-4823-B6AC-0BA91BFB532D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7D45F2C3-20FF-4A91-A440-E109B3CCE7C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
"matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "BCA2976C-C84B-40D9-A806-588629BFFB13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
},
{
"lang": "es",
"value": "Una debilidad de valor de retorno de estado inesperado en el Next-Generation Multicast VPN (NG-mVPN) de Juniper Networks Junos OS, permite al atacante causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) y centrar el proceso del demonio del protocolo de enrutamiento (rpd) cuando un paquete IPv4 malformado espec\u00edfico es recibido por parte del dispositivo que ejecuta BGP. Este paquete malformado puede ser creado y enviado hacia un dispositivo v\u00edctima, incluso cuando se reenv\u00eda directamente por medio de un dispositivo que recibe dicho paquete malformado, pero no si el paquete malformado se desencapsula primero desde un formato encapsulado por un dispositivo receptor. La recepci\u00f3n continua del paquete malformado resultar\u00e1 en una condici\u00f3n de Denegaci\u00f3n de Servicio sostenida. Este problema afecta a: Juniper Networks Junos OS versiones 15.1 anteriores a 15.1F6-S12, 15.1R7-S2; versiones 15.1X49 anteriores a 15.1X49-D150 en la serie SRX; versiones 15.1X53 anteriores a 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; versiones 16.1 anteriores a 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; versiones 16.2 anteriores a 16.2R2-S7; versiones 17.1 anteriores a 17.1R2-S9, 17.1R3; versiones 17.2 anteriores a 17.2R1-S7, 17.2R2-S6, 17.2R3; versiones 17.3 anteriores a 17.3R2-S4, 17.3R3."
}
],
"id": "CVE-2019-0066",
"lastModified": "2024-11-21T04:16:10.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T20:15:17.630",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-394"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2019-AVI-500
Vulnerability from certfr_avis - Published: 2019-10-10 - Updated: 2019-10-10
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Produits NFX, Junos OS versions antérieures à 18.2R1, 18.2X75-D5
- Produits CTP, CTPView versions antérieures à 7.3R6
- Produits EX, Junos OS versions antérieures à 12.3R12-S15
- Produits SRX
- Junos OS versions antérieures à 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, à partir de la version 18.2R2-S1 et antérieures à 18.2R3, 18.4R2, ainsi que les versions antérieures à 18.2R3, 19.2R1 pour la série SRX 5000
- Junos OS avec J-Web activé versions antérieures à 12.3X48-D85, 15.1X49-D180
- Junos OS avec SIP ALG activé versions antérieures à 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2
- Produits MX
- Junos OS gamme MX480, MX960, MX2008, MX2010, MX2020 versions antérieures à 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ultérieures, versions antérieures à 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2
- Junos OS avec DHCPv6 activé versions antérieures à 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions antérieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R
- Toutes séries
- Junos OS versions antérieures à 15.1F6-S12, 15.1R7-S2, 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2
- Junos OS avec J-Web activé versions antérieures à 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2
- Junos OS sur des équipements avec l'option Multi-Chassis Link Aggregation Group (MC-LAG) activée, versions ultérieures à 15.1 et antérieures à 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eProduits NFX, Junos OS versions ant\u00e9rieures \u00e0 18.2R1, 18.2X75-D5\u003c/li\u003e \u003cli\u003eProduits CTP, CTPView versions ant\u00e9rieures \u00e0 7.3R6\u003c/li\u003e \u003cli\u003eProduits EX, Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15\u003c/li\u003e \u003cli\u003eProduits SRX \u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 12.3X48-D80, 15.1X49-D120, 15.1X49-D150, 15.1X49-D171, 15.1X49-D180, \u00e0 partir de la version 18.2R2-S1 et ant\u00e9rieures \u00e0 18.2R3, 18.4R2, ainsi que les versions ant\u00e9rieures \u00e0 18.2R3, 19.2R1 pour la s\u00e9rie SRX 5000\u003c/li\u003e \u003cli\u003eJunos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D85, 15.1X49-D180\u003c/li\u003e \u003cli\u003eJunos OS avec SIP ALG activ\u00e9 versions ant\u00e9rieures \u00e0 12.3X48-D61, 12.3X48-D65, 15.1X49-D130, 17.3R3, 17.4R2\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eProduits MX \u003cul\u003e \u003cli\u003eJunos OS gamme\u00a0MX480, MX960, MX2008, MX2010, MX2020 versions ant\u00e9rieures \u00e0 18.1R2-S4, 18.1R3-S5, 18.1X75-D10 et ult\u00e9rieures, versions ant\u00e9rieures \u00e0 18.2R1-S5, 18.2R2-S3, 18.2R3, 18.2X75-D50, 18.3R1-S4, 18.3R2, 18.3R3, 18.4R1-S2, 18.4R2\u003c/li\u003e \u003cli\u003eJunos OS avec DHCPv6 activ\u00e9 versions ant\u00e9rieures \u00e0 15.1R7-S5, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R3-S2, 17.3R3-S6, 17.4R2-S5, 17.4R3, 18.1R3-S6, 18.2R2-S4, 18.2R3, 18.2X75-D50, 18.3R1-S5, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2\u003c/li\u003e \u003cli\u003eJunos OS avec cartes MS-PIC, MS-MIC ou MS-MPC et activation de NAT et SIP ALG, versions ant\u00e9rieures 16.1R7-S5, 16.2R2-S11, 17.1R3, 17.2R3-S3, 17.3R3-S6, 17.4R2-S8, 17.4R3, 18.1R3-S3, 18.2R3, 18.3R2, 18.4R\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eToutes s\u00e9ries \u003cul\u003e \u003cli\u003eJunos OS versions ant\u00e9rieures \u00e0 15.1F6-S12, 15.1R7-S2,\u00a0 15.1X49-D171, 15.1X49-D180, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590,\u00a0 15.1X53-D496, 15.1X53-D68, 15.1X53-D69, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.2R3-S1, 17.3R2-S4, 17.3R3, 17.3R3-S4, 17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3, 18.1R2-S4, 18.1R3-S1, 18.1X75, 18.2R1-S5, 18.2R2-S2, 18.2R3, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2\u003c/li\u003e \u003cli\u003eJunos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R2-S8, 17.2R3-S3, 17.3R3-S5, 17.4R2-S8, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R3, 18.4R2, 19.1R1-S2, 19.1R2\u003c/li\u003e \u003cli\u003eJunos OS sur des \u00e9quipements avec l\u0027option Multi-Chassis Link Aggregation Group (MC-LAG) activ\u00e9e, versions ult\u00e9rieures \u00e0 15.1 et ant\u00e9rieures \u00e0 16.1R6-S2, 16.1R7, 16.2R2-S10, 17.1R3\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003c/ul\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0061",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0061"
},
{
"name": "CVE-2019-0054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0054"
},
{
"name": "CVE-2019-0058",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0058"
},
{
"name": "CVE-2019-0056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0056"
},
{
"name": "CVE-2019-0062",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0062"
},
{
"name": "CVE-2016-10011",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10011"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2019-0057",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0057"
},
{
"name": "CVE-2019-0067",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0067"
},
{
"name": "CVE-2019-0063",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0063"
},
{
"name": "CVE-2019-0064",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0064"
},
{
"name": "CVE-2016-10010",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10010"
},
{
"name": "CVE-2018-20685",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20685"
},
{
"name": "CVE-2016-10012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10012"
},
{
"name": "CVE-2015-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8325"
},
{
"name": "CVE-2019-0065",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0065"
},
{
"name": "CVE-2019-0059",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0059"
},
{
"name": "CVE-2019-0055",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0055"
},
{
"name": "CVE-2019-0060",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0060"
},
{
"name": "CVE-2019-0066",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0066"
}
],
"initial_release_date": "2019-10-10T00:00:00",
"last_revision_date": "2019-10-10T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-500",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-10-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10962 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10962\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10954 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10954\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10953 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10953\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10957 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10957\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10952 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10952\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10965 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10965\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10964 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10964\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10960 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10960\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10963 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10963\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10958 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10958\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10959 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10959\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10966 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10966\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10956 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10956\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10955 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10955\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10961 du 10 octobre 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10961\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
GSD-2019-0066
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-0066",
"description": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.",
"id": "GSD-2019-0066"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-0066"
],
"details": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.",
"id": "GSD-2019-0066",
"modified": "2023-12-13T01:23:40.033173Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-10-09T16:00:00.000Z",
"ID": "CVE-2019-0066",
"STATE": "PUBLIC",
"TITLE": "Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1F6-S12, 15.1R7-S2"
},
{
"platform": "SRX Series",
"version_affected": "\u003c",
"version_name": "15.1X49",
"version_value": "15.1X49-D150"
},
{
"version_affected": "\u003c",
"version_name": "16.1",
"version_value": "16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2"
},
{
"version_affected": "\u003c",
"version_name": "16.2",
"version_value": "16.2R2-S7"
},
{
"version_affected": "\u003c",
"version_name": "17.1",
"version_value": "17.1R2-S9, 17.1R3"
},
{
"version_affected": "\u003c",
"version_name": "17.2",
"version_value": "17.2R1-S7, 17.2R2-S6, 17.2R3"
},
{
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R2-S4, 17.3R3"
},
{
"version_affected": "\u003c",
"version_name": "15.1X53",
"version_value": "15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-394 Unexpected Status Code or Return Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10965",
"refsource": "MISC",
"url": "https://kb.juniper.net/JSA10965"
},
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html",
"refsource": "MISC",
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 15.1F6-S12, 15.1R7-S2, 15.1X49-D150, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R2-S9, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10965",
"defect": [
"1309982"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Discontinue use of BGP services if not needed. Otherwise, there are no viable workarounds for this issue."
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:a1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r6-s6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r7-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r4-s9:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f6-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:r4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1:f6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:juniper:csrx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d236:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d237:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d69:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d64:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d40:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d45:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d470:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d495:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d233:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d210:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d70:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d25:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d30:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d65:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d232:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d234:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d230:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d21:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d31:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d33:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d60:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d62:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d231:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d59:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d235:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d66:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d32:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d34:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d56:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d61:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:15.1x53:d63:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r5-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.1:r6-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r2-s5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r2-s6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.1:r2-s6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.2:r1-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.2:r1-s4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2-s3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2019-0066"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html"
},
{
"name": "https://kb.juniper.net/JSA10965",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10965"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-10-28T12:25Z",
"publishedDate": "2019-10-09T20:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…