PT-2018-8589 · Juniper Networks · Junos

Published: 2018-10-10 · Updated: 2019-10-09 · CVE-2018-0057

CVSS v3.1: 9.6 Critical

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
- Junos OS versions prior to 15.1R7-S2, 15.1R8
- Junos OS versions prior to 16.1R4-S12, 16.1R7-S2, 16.1R8
- Junos OS versions prior to 16.2R2-S7, 16.2R3
- Junos OS versions prior to 17.1R2-S9, 17.1R3
- Junos OS versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3
- Junos OS versions prior to 17.3R2-S4, 17.3R3
- Junos OS versions prior to 17.4R2
- Junos OS versions prior to 18.1R2-S3, 18.1R3
Description: The issue affects MX Series and M120/M320 platforms in a Broadband Edge environment. Subscribers using DHCP Option 50 to request a specific IP address may be assigned that address, even if a static MAC to IP address binding exists. This could allow a malicious subscriber to create duplicate IP address assignments, leading to denial of service for valid subscribers or unauthorized information disclosure via IP address assignment spoofing.
Recommendations:
- For Junos OS versions prior to 15.1R7-S2, 15.1R8, update to 15.1R7-S2 or later.
- For Junos OS versions prior to 16.1R4-S12, 16.1R7-S2, 16.1R8, update to 16.1R4-S12 or later.
- For Junos OS versions prior to 16.2R2-S7, 16.2R3, update to 16.2R2-S7 or later.
- For Junos OS versions prior to 17.1R2-S9, 17.1R3, update to 17.1R2-S9 or later.
- For Junos OS versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3, update to 17.2R1-S7 or later.
- For Junos OS versions prior to 17.3R2-S4, 17.3R3, update to 17.3R2-S4 or later.
- For Junos OS versions prior to 17.4R2, update to 17.4R2 or later.
- For Junos OS versions prior to 18.1R2-S3, 18.1R3, update to 18.1R2-S3 or later.
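
A monitoring check for the condition in the description, as an added example (not code from this advisory or from Juniper): it parses a raw DHCP payload, reads Option 50 and compares the requested address with a static MAC-to-IP table. The function names, the table format and the sample MAC and IP values are assumptions constructed for illustration.

```python
import socket

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # RFC 2131: marks the start of the options field
OPT_REQUESTED_IP = 50                # DHCP Option 50, "Requested IP Address"

def parse_dhcp(payload):
    """Return (client_mac, {option_code: value}) from a raw DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    # chaddr is a 16-byte field at offset 28; hlen (offset 2) says how much is used
    mac = payload[28:28 + min(payload[2], 16)].hex(":")
    options, i = {}, 240
    while i < len(payload) and payload[i] != 255:  # 255 = End
        if payload[i] == 0:                        # 0 = Pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        options[payload[i]] = value
        i += 2 + length
    return mac, options

def check_option50(payload, static_bindings):
    """Compare Option 50 with the static MAC-to-IP table; return a finding or None."""
    mac, options = parse_dhcp(payload)
    raw = options.get(OPT_REQUESTED_IP)
    if raw is None or len(raw) != 4:
        return None
    requested = socket.inet_ntoa(raw)
    owner = next((m for m, ip in static_bindings.items() if ip == requested), None)
    if owner is not None and owner != mac:
        return ("requests-address-bound-to-other-mac", mac, requested)
    if mac in static_bindings and static_bindings[mac] != requested:
        return ("requests-address-other-than-own-binding", mac, requested)
    return None

def build_request(mac, requested_ip):
    """Constructed sample: minimal DHCPREQUEST payload carrying Option 50."""
    header = bytearray(236)
    header[0:3] = bytes([1, 1, 6])                 # op=BOOTREQUEST, htype=Ethernet, hlen=6
    header[28:34] = bytes.fromhex(mac.replace(":", ""))
    opts = bytes([53, 1, 3, 50, 4]) + socket.inet_aton(requested_ip) + b"\xff"
    return bytes(header) + MAGIC_COOKIE + opts

# Constructed static bindings (documentation addresses, locally administered MACs)
STATIC = {"02:00:00:00:00:01": "192.0.2.10", "02:00:00:00:00:02": "192.0.2.20"}
```

A finding here means the request should not be honoured as asked; on an unpatched release it is the pattern to alert on in captured subscriber traffic.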


Related Identifiers

CVE-2018-0057

Affected Products

Junos