CVE-2019-0051

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX5000 Series versions 12.3X48 through 12.3X48-D84 Juniper Networks Junos OS on SRX5000 Series versions 15.1X49 through 15.1X49-D179 Juniper Networks Junos OS on SRX5000 Series versions 17.3 through 17.3R3-S6 Juniper Networks Junos OS on SRX5000 Series versions 17.4 through 17.4R2-S5 Juniper Networks Junos OS on SRX5000 Series versions 17.4R3 and earlier Juniper Networks Junos OS on SRX5000 Series versions 18.1 through 18.1R3-S7 Juniper Networks Junos OS on SRX5000 Series versions 18.2 through 18.2R2 Juniper Networks Junos OS on SRX5000 Series versions 18.3 through 18.3R1 Juniper Networks Junos OS on SRX5000 Series versions 18.4 through 18.4R1 Juniper Networks Junos OS on SRX5000 Series versions 19.1 through 19.1R1

Description The SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation, which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server.

Recommendations For Juniper Networks Junos OS on SRX5000 Series versions 12.3X48 through 12.3X48-D84, update to version 12.3X48-D85 or later. For Juniper Networks Junos OS on SRX5000 Series versions 15.1X49 through 15.1X49-D179, update to version 15.1X49-D180 or later. For Juniper Networks Junos OS on SRX5000 Series versions 17.3 through 17.3R3-S6, update to version 17.3R3-S7 or later. For Juniper Networks Junos OS on SRX5000 Series versions 17.4 through 17.4R2-S5, update to version 17.4R2-S6 or later. For Juniper Networks Junos OS on SRX5000 Series version 17.4R3, update to a version later than 17.4R3. For Juniper Networks Junos OS on SRX5000 Series versions 18.1 through 18.1R3-S7, update to version 18.1R3-S8 or later. For Juniper Networks Junos OS on SRX5000 Series versions 18.2 through 18.2R2, update to version 18.2R3 or later. For Juniper Networks Junos OS on SRX5000 Series versions 18.3 through 18.3R1, update to version 18.3R2 or later. For Juniper Networks Junos OS on SRX5000 Series versions 18.4 through 18.4R1, update to version 18.4R2 or later. For Juniper Networks Junos OS on SRX5000 Series versions 19.1 through 19.1R1, update to version 19.1R2 or later.