7.5

CVE-2018-0030

Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) installed and PTX1K: 15.1F versions prior to 15.1F6-S10; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D46; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D70, 17.2X75-D90; 17.3 versions prior to 17.3R1-S4, 17.3R2, 17.4 versions prior to 17.4R1-S2, 17.4R2. Refer to KB25385 for more information about PFE line cards.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version15.1 Updatef
JuniperJunos Version15.1 Updatef2
JuniperJunos Version15.1 Updatef3
JuniperJunos Version15.1 Updatef4
JuniperJunos Version15.1 Updatef5
JuniperJunos Version15.1 Updatef6
JuniperJunos Version15.1
JuniperJunos Version15.1 Updatef4
JuniperJunos Version15.1 Updater1
JuniperJunos Version15.1 Updater2
JuniperJunos Version15.1 Updater6-s6
JuniperJunos Version15.1 Updater7
JuniperJunos Version16.1
JuniperJunos Version16.1 Updater1
JuniperJunos Version16.1 Updater2
JuniperJunos Version16.1 Updater3
JuniperJunos Version16.1 Updater4-s9
JuniperJunos Version16.1 Updater5-s4
JuniperJunos Version16.1 Updater6-s3
JuniperJunos Version16.1 Updater7
JuniperJunos Version16.1x65
JuniperJunos Version16.1x65 Updated30
JuniperJunos Version16.1x65 Updated35
JuniperJunos Version16.1x65 Updated40
JuniperJunos Version16.2
JuniperJunos Version16.2 Updater1
JuniperJunos Version16.2 Updater2-s5
JuniperJunos Version16.2 Updater3
JuniperJunos Version17.1
JuniperJunos Version17.1 Updater1
JuniperJunos Version17.1 Updater2-s7
JuniperJunos Version17.1 Updater3
JuniperJunos Version17.2
JuniperJunos Version17.2 Updater1
JuniperJunos Version17.2 Updater2-s4
JuniperJunos Version17.2 Updater3
JuniperJunos Version17.3
JuniperJunos Version17.3 Updater1
JuniperJunos Version17.3 Updater2
JuniperJunos Version17.4
JuniperJunos Version17.4 Updater1
JuniperJunos Version17.4 Updater2
JuniperJunos Version17.2x75
JuniperJunos Version17.2x75 Updated90
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.61% 0.687
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
sirt@juniper.net 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

http://www.securitytracker.com/id/1041325
Third Party Advisory
VDB Entry