PT-2018-8592 · Juniper Networks · Junos

Published: 2018-10-10 · Updated: 2019-10-09 · CVE-2018-0060

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
- Juniper Networks Junos OS versions prior to 12.1X46-D40 on SRX Series
- Juniper Networks Junos OS versions prior to 12.3X48-D20 on SRX Series
- Juniper Networks Junos OS versions prior to 14.1X53-D40 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100
- Juniper Networks Junos OS versions prior to 15.1X49-D20 on SRX Series
- Juniper Networks Junos OS versions prior to 15.1X53-D68 on QFX10000 Series
- Juniper Networks Junos OS versions prior to 15.1X53-D235 on QFX5200/QFX5110
- Juniper Networks Junos OS versions prior to 15.1X53-D495 on NFX150, NFX250
- Juniper Networks Junos OS versions prior to 15.1X53-D590 on EX2300/EX3400
- Juniper Networks Junos OS versions prior to 15.1R7-S2
Description: An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not vulnerable to this issue when not configured to use DHCP.
Recommendations:
- For versions prior to 12.1X46-D40 on SRX Series, update to 12.1X46-D40 or later.
- For versions prior to 12.3X48-D20 on SRX Series, update to 12.3X48-D20 or later.
- For versions prior to 14.1X53-D40 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100, update to 14.1X53-D40 or later.
- For versions prior to 15.1X49-D20 on SRX Series, update to 15.1X49-D20 or later.
- For versions prior to 15.1X53-D68 on QFX10000 Series, update to 15.1X53-D68 or later.
- For versions prior to 15.1X53-D235 on QFX5200/QFX5110, update to 15.1X53-D235 or later.
- For versions prior to 15.1X53-D495 on NFX150, NFX250, update to 15.1X53-D495 or later.
- For versions prior to 15.1X53-D590 on EX2300/EX3400, update to 15.1X53-D590 or later.
- For versions prior to 15.1R7-S2, update to 15.1R7-S2 or later.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

CVE-2018-0060

Affected Products

Junos