PT-2019-1360 · Juniper Networks · Junos

Published

2019-01-09

·

Updated

2021-11-09

·

CVE-2019-0005

CVSS v3.1

5.3

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 14.1X53-D47 Junos OS versions prior to 15.1R7 Junos OS versions prior to 15.1X53-D234 on QFX5200/QFX5110 series Junos OS versions prior to 15.1X53-D591 on EX2300/EX3400 series Junos OS versions prior to 16.1R7 Junos OS versions prior to 17.1R2-S10, 17.1R3 Junos OS versions prior to 17.2R3 Junos OS versions prior to 17.3R3 Junos OS versions prior to 17.4R2 Junos OS versions prior to 18.1R2
Description The issue is related to errors in processing IPv6 packets by the JunOS firewall filter. This may allow an attacker to execute arbitrary code using a specially crafted IPv6 packet. The problem is specific to IPv6 extension headers, and IPv4 packet filtering is not affected.
Recommendations For versions prior to 14.1X53-D47, update to 14.1X53-D47 or later. For versions prior to 15.1R7, update to 15.1R7 or later. For versions prior to 15.1X53-D234 on QFX5200/QFX5110 series, update to 15.1X53-D234 or later. For versions prior to 15.1X53-D591 on EX2300/EX3400 series, update to 15.1X53-D591 or later. For versions prior to 16.1R7, update to 16.1R7 or later. For versions prior to 17.1R2-S10, 17.1R3, update to 17.1R2-S10, 17.1R3 or later. For versions prior to 17.2R3, update to 17.2R3 or later. For versions prior to 17.3R3, update to 17.3R3 or later. For versions prior to 17.4R2, update to 17.4R2 or later. For versions prior to 18.1R2, update to 18.1R2 or later.

Fix

Improper Access Control

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-770

Related Identifiers

BDU:2019-00718
CVE-2019-0005

Affected Products

Junos