Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveJuniperCVE-2019-0014
HistoryJan 15, 2019 - 9:29 p.m.

CVE-2019-0014

2019-01-1521:29:01
CWE-19
juniper
web.nvd.nist.gov
32
cve-2019-0014
qfx series
ptx series
j-flow
fpc process
dos
juniper networks
junos os
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.3%

JSON

On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Service (DoS). This issue affects both IPv4 and IPv6 packet processing. Affected releases are Juniper Networks Junos OS on QFX and PTX Series: 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1; 18.2 versions prior to 18.2R1-S3, 18.2R2; 17.2X75 versions prior to 17.2X75-D91, 17.2X75-D100.

Affected configurations

Nvd
Node
juniperjunosMatch17.2x75d102
OR
juniperjunosMatch17.2x75d50
OR
juniperjunosMatch17.2x75d70
OR
juniperjunosMatch17.4
OR
juniperjunosMatch17.4r1
OR
juniperjunosMatch17.4r2
OR
juniperjunosMatch18.2r1
AND
juniperptx1000Match-
OR
juniperptx10002Match-
OR
juniperptx10008Match-
OR
juniperptx10016Match-
OR
juniperptx3000Match-
OR
juniperptx5000Match-
OR
juniperqfx10002Match-
OR
juniperqfx10008Match-
OR
juniperqfx10016Match-
OR
juniperqfx3500Match-
OR
juniperqfx3600Match-
OR
juniperqfx5100Match-
OR
juniperqfx5110Match-
OR
juniperqfx5120Match-
OR
juniperqfx5200Match-
OR
juniperqfx5210Match-
VendorProductVersionCPE
juniperjunos17.2x75cpe:2.3:o:juniper:junos:17.2x75:d102:*:*:*:*:*:*
juniperjunos17.2x75cpe:2.3:o:juniper:junos:17.2x75:d50:*:*:*:*:*:*
juniperjunos17.2x75cpe:2.3:o:juniper:junos:17.2x75:d70:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*
juniperjunos17.4cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*
juniperjunos18.2cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*
juniperptx1000-cpe:2.3:h:juniper:ptx1000:-:*:*:*:*:*:*:*
juniperptx10002-cpe:2.3:h:juniper:ptx10002:-:*:*:*:*:*:*:*
juniperptx10008-cpe:2.3:h:juniper:ptx10008:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 231

CNA Affected

[
  {
    "platforms": [
      "QFX and PTX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "17.4R2-S1, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S1, 18.1R4",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R1-S3, 18.2R2",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2X75-D91, 17.2X75-D100",
        "status": "affected",
        "version": "17.2X75",
        "versionType": "custom"
      }
    ]
  }
]

Related

nessus 1
prion 1
nvd 1
cvelist 1
nessus
nessus
Junos OS: FPC process crashes after J-Flow processes a malformed packet (JSA10914)
2019-01-11 00:00:00
prion
prion
Design/Logic Flaw
2019-01-15 21:29:00
nvd
nvd
CVE-2019-0014
2019-01-15 21:29:01
cvelist
cvelist
CVE-2019-0014 Junos OS: QFX and PTX Series: FPC process crashes after J-Flow processes a malformed packet
2019-01-15 21:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.3%

JSON
Related for CVE-2019-0014
nessus1prion1nvd1cvelist1