PT-2019-2810 · Juniper Networks · Ex4300+1

Published: 2019-07-10 · Updated: 2021-02-25 · CVE-2019-0046

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Junos OS versions 16.1R1 through 16.1R7-S5
Junos OS versions prior to 17.1R3
Junos OS versions prior to 17.2R3
Junos OS versions prior to 17.3R3-S2
Junos OS versions prior to 17.4R2
Junos OS versions prior to 18.1R3
Junos OS versions prior to 18.2R2

Description

A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) on the EX4300: specific valid broadcast packets, when received on the me0 interface of an EX4300 Series device, create a broadcast storm condition. A reboot of the device is required to restore service. Continued receipt of these valid broadcast packets will create a sustained Denial of Service (DoS) against the device.

Recommendations

For Junos OS versions 16.1R1 through 16.1R7-S5, update to version 16.1R7-S5 or later.
For Junos OS versions prior to 17.1R3, update to version 17.1R3 or later.
For Junos OS versions prior to 17.2R3, update to version 17.2R3 or later.
For Junos OS versions prior to 17.3R3-S2, update to version 17.3R3-S2 or later.
For Junos OS versions prior to 17.4R2, update to version 17.4R2 or later.
For Junos OS versions prior to 18.1R3, update to version 18.1R3 or later.
For Junos OS versions prior to 18.2R2, update to version 18.2R2 or later.

Fix

DoS

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2019-02766
CVE-2019-0046

Affected Products

Ex4300
Junos