7.5

CVE-2019-0014

EPSS 0.48%
Published 15.01.2019 21:29:01
Last modified 21.11.2024 04:16:03
Source sirt@juniper.net
Teams watchlist Login
Open Login

On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Service (DoS). This issue affects both IPv4 and IPv6 packet processing. Affected releases are Juniper Networks Junos OS on QFX and PTX Series: 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1; 18.2 versions prior to 18.2R1-S3, 18.2R2; 17.2X75 versions prior to 17.2X75-D91, 17.2X75-D100.

Affected products Warnungen 0 Metrics 4 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Version17.2x75 Updated102

   Juniper ≫ Ptx1000 Version-
   Juniper ≫ Ptx10002 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-
   Juniper ≫ Ptx3000 Version-
   Juniper ≫ Ptx5000 Version-
   Juniper ≫ Qfx10002 Version-
   Juniper ≫ Qfx10008 Version-
   Juniper ≫ Qfx10016 Version-
   Juniper ≫ Qfx3500 Version-
   Juniper ≫ Qfx3600 Version-
   Juniper ≫ Qfx5100 Version-
   Juniper ≫ Qfx5110 Version-
   Juniper ≫ Qfx5120 Version-
   Juniper ≫ Qfx5200 Version-
   Juniper ≫ Qfx5210 Version-

Juniper ≫ Junos Version17.2x75 Updated50

   Juniper ≫ Ptx1000 Version-
   Juniper ≫ Ptx10002 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-
   Juniper ≫ Ptx3000 Version-
   Juniper ≫ Ptx5000 Version-
   Juniper ≫ Qfx10002 Version-
   Juniper ≫ Qfx10008 Version-
   Juniper ≫ Qfx10016 Version-
   Juniper ≫ Qfx3500 Version-
   Juniper ≫ Qfx3600 Version-
   Juniper ≫ Qfx5100 Version-
   Juniper ≫ Qfx5110 Version-
   Juniper ≫ Qfx5120 Version-
   Juniper ≫ Qfx5200 Version-
   Juniper ≫ Qfx5210 Version-

Juniper ≫ Junos Version17.2x75 Updated70

   Juniper ≫ Ptx1000 Version-
   Juniper ≫ Ptx10002 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-
   Juniper ≫ Ptx3000 Version-
   Juniper ≫ Ptx5000 Version-
   Juniper ≫ Qfx10002 Version-
   Juniper ≫ Qfx10008 Version-
   Juniper ≫ Qfx10016 Version-
   Juniper ≫ Qfx3500 Version-
   Juniper ≫ Qfx3600 Version-
   Juniper ≫ Qfx5100 Version-
   Juniper ≫ Qfx5110 Version-
   Juniper ≫ Qfx5120 Version-
   Juniper ≫ Qfx5200 Version-
   Juniper ≫ Qfx5210 Version-

Juniper ≫ Junos Version17.4

   Juniper ≫ Ptx1000 Version-
   Juniper ≫ Ptx10002 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-
   Juniper ≫ Ptx3000 Version-
   Juniper ≫ Ptx5000 Version-
   Juniper ≫ Qfx10002 Version-
   Juniper ≫ Qfx10008 Version-
   Juniper ≫ Qfx10016 Version-
   Juniper ≫ Qfx3500 Version-
   Juniper ≫ Qfx3600 Version-
   Juniper ≫ Qfx5100 Version-
   Juniper ≫ Qfx5110 Version-
   Juniper ≫ Qfx5120 Version-
   Juniper ≫ Qfx5200 Version-
   Juniper ≫ Qfx5210 Version-

Juniper ≫ Junos Version17.4 Updater1

   Juniper ≫ Ptx1000 Version-
   Juniper ≫ Ptx10002 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-
   Juniper ≫ Ptx3000 Version-
   Juniper ≫ Ptx5000 Version-
   Juniper ≫ Qfx10002 Version-
   Juniper ≫ Qfx10008 Version-
   Juniper ≫ Qfx10016 Version-
   Juniper ≫ Qfx3500 Version-
   Juniper ≫ Qfx3600 Version-
   Juniper ≫ Qfx5100 Version-
   Juniper ≫ Qfx5110 Version-
   Juniper ≫ Qfx5120 Version-
   Juniper ≫ Qfx5200 Version-
   Juniper ≫ Qfx5210 Version-

Juniper ≫ Junos Version17.4 Updater2

   Juniper ≫ Ptx1000 Version-
   Juniper ≫ Ptx10002 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-
   Juniper ≫ Ptx3000 Version-
   Juniper ≫ Ptx5000 Version-
   Juniper ≫ Qfx10002 Version-
   Juniper ≫ Qfx10008 Version-
   Juniper ≫ Qfx10016 Version-
   Juniper ≫ Qfx3500 Version-
   Juniper ≫ Qfx3600 Version-
   Juniper ≫ Qfx5100 Version-
   Juniper ≫ Qfx5110 Version-
   Juniper ≫ Qfx5120 Version-
   Juniper ≫ Qfx5200 Version-
   Juniper ≫ Qfx5210 Version-

Juniper ≫ Junos Version18.2 Updater1

   Juniper ≫ Ptx1000 Version-
   Juniper ≫ Ptx10002 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-
   Juniper ≫ Ptx3000 Version-
   Juniper ≫ Ptx5000 Version-
   Juniper ≫ Qfx10002 Version-
   Juniper ≫ Qfx10008 Version-
   Juniper ≫ Qfx10016 Version-
   Juniper ≫ Qfx3500 Version-
   Juniper ≫ Qfx3600 Version-
   Juniper ≫ Qfx5100 Version-
   Juniper ≫ Qfx5110 Version-
   Juniper ≫ Qfx5120 Version-
   Juniper ≫ Qfx5200 Version-
   Juniper ≫ Qfx5210 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.48%	0.62

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
sirt@juniper.net	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

http://www.securityfocus.com/bid/106556

Third Party Advisory

VDB Entry

https://kb.juniper.net/JSA10914

Patch

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2019-0014

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-0014

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-0014

EUVD