CVE-2019-0048

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 14.1X53-D51 Juniper Networks Junos OS versions prior to 17.1R3 Juniper Networks Junos OS versions prior to 17.2R3-S2 Juniper Networks Junos OS versions prior to 17.3R3-S3 Juniper Networks Junos OS versions prior to 17.4R2-S5 Juniper Networks Junos OS versions prior to 17.4R3 Juniper Networks Junos OS versions prior to 18.1R3-S1 Juniper Networks Junos OS versions prior to 18.2R2 Juniper Networks Junos OS versions prior to 18.3R2

Description The issue is related to an error in security settings, where reserved multicast addresses 224.0.0.x incorrectly match with addresses 224.x.x.x. This can cause other firewall filters to stop working for multicast traffic when a firewall filter is applied on the loopback interface. The command show firewall filter can be used to confirm whether the filter is working. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited.

Recommendations For Juniper Networks Junos OS version 14.1X53, update to version 14.1X53-D51 or later. For Juniper Networks Junos OS version 17.1, update to version 17.1R3 or later. For Juniper Networks Junos OS version 17.2, update to version 17.2R3-S2 or later. For Juniper Networks Junos OS version 17.3, update to version 17.3R3-S3 or later. For Juniper Networks Junos OS version 17.4, update to version 17.4R2-S5 or version 17.4R3 or later. For Juniper Networks Junos OS version 18.1, update to version 18.1R3-S1 or later. For Juniper Networks Junos OS version 18.2, update to version 18.2R2 or later. For Juniper Networks Junos OS version 18.3, update to version 18.3R2 or later.