CVE-2019-0050

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 15.1X49-D170 on SRX1500 Junos OS versions prior to 17.3R3-S7 on SRX1500 Junos OS versions prior to 17.4R2-S8, 17.4R3 on SRX1500 Junos OS versions prior to 18.1R3-S8 on SRX1500 Junos OS versions prior to 18.2R3 on SRX1500 Junos OS versions prior to 18.3R2 on SRX1500 Junos OS versions prior to 18.4R2 on SRX1500

Description The issue exists due to insufficient input validation in the srxpfe process of the Junos OS on the SRX1500 device. Under certain heavy traffic conditions, the srxpfe process can crash, resulting in a denial of service condition. Repeated crashes can lead to an extended denial of service condition, causing the device to fail to forward traffic.

Recommendations For Junos OS versions prior to 15.1X49-D170 on SRX1500, update to version 15.1X49-D170 or later. For Junos OS versions prior to 17.3R3-S7 on SRX1500, update to version 17.3R3-S7 or later. For Junos OS versions prior to 17.4R2-S8, 17.4R3 on SRX1500, update to version 17.4R2-S8 or 17.4R3 or later. For Junos OS versions prior to 18.1R3-S8 on SRX1500, update to version 18.1R3-S8 or later. For Junos OS versions prior to 18.2R3 on SRX1500, update to version 18.2R3 or later. For Junos OS versions prior to 18.3R2 on SRX1500, update to version 18.3R2 or later. For Junos OS versions prior to 18.4R2 on SRX1500, update to version 18.4R2 or later.