CVE-2019-0064

Name of the Vulnerable Software and Affected Versions Junos OS versions 18.2R3 through 19.2R1 on SRX 5000 Series

Description The issue is related to resource release errors in the Junos OS, which can be exploited by a remote attacker to cause a denial of service (DoS) by sending specially crafted TCP packets. This can lead to the flowd process crashing and restarting automatically. However, if the device receives a constant stream of these packets, it may result in an extended DoS condition.

Recommendations For versions 18.2R3, 18.4R2, and 19.2R1 on SRX 5000 Series, consider disabling the set security zones security-zone <zone> tcp-rst configuration to mitigate the risk of exploitation until a patch is available. Restrict access to the device to minimize the risk of receiving specially crafted TCP packets.