PT-2019-1359 · Juniper Networks · Junos

Published

2019-01-09

Updated

2020-12-08

CVE-2019-0002

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Junos OS on EX2300 and EX3400 series versions prior to 15.1X53-D590 Junos OS on EX2300 and EX3400 series versions 18.1 prior to 18.1R3 Junos OS on EX2300 and EX3400 series versions 18.2 prior to 18.2R2

Description The issue is related to a stateless firewall filter configuration that uses the action 'policer' in combination with other actions, which might not take effect. This affects both IPv4 and IPv6 firewall filters. When the issue occurs, the output of the command "show pfe filter hw summary" will not show the entry for the RACL group.

Recommendations For versions prior to 15.1X53-D590, update to version 15.1X53-D590 or later. For versions 18.1 prior to 18.1R3, update to version 18.1R3 or later. For versions 18.2 prior to 18.2R2, update to version 18.2R2 or later.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-794

Related Identifiers

BDU:2019-00717

CVE-2019-0002

Affected Products

Junos

PT-2019-1359 · Juniper Networks · Junos

CVE-2019-0002

Weakness Enumeration

Related Identifiers

Affected Products

References · 9