PT-2019-1144 · Juniper Networks · Junos
Published
2019-01-09
·
Updated
2020-09-29
·
CVE-2019-0003
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions:
Junos OS versions prior to 12.1X46-D77
Junos OS versions prior to 12.3R12-S10
Junos OS versions prior to 12.3X48-D70
Junos OS versions prior to 14.1X53-D47
Junos OS versions prior to 15.1R3
Junos OS versions prior to 15.1F3
Junos OS versions prior to 15.1X49-D140
Junos OS versions prior to 15.1X53-D59
Description:
The issue is related to incorrect data processing in the Junos operating system. Exploitation of this issue may allow a remote attacker to cause a denial of service due to a crash of the routing protocol daemon (rpd) process. This can occur when a specific BGP flowspec configuration is enabled and a specific matching BGP packet is received, causing a reachable assertion failure.
Recommendations:
For versions prior to 12.1X46-D77, update to 12.1X46-D77 or later.
For versions prior to 12.3R12-S10, update to 12.3R12-S10 or later.
For versions prior to 12.3X48-D70, update to 12.3X48-D70 or later.
For versions prior to 14.1X53-D47, update to 14.1X53-D47 or later.
For versions prior to 15.1R3, update to 15.1R3 or later.
For versions prior to 15.1F3, update to 15.1F3 or later.
For versions prior to 15.1X49-D140, update to 15.1X49-D140 or later.
For versions prior to 15.1X53-D59, update to 15.1X53-D59 or later.
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Junos