Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-0050
HistoryOct 09, 2019 - 8:15 p.m.

CVE-2019-0050

2019-10-0920:15:16
[email protected]
web.nvd.nist.gov
25
cve-2019-0050
srxpfe
denial of service
juniper
junos os
srx1500
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.5%

JSON

Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device. Repeated crashes of the srxpfe can result in an extended denial of service condition. The SRX device may fail to forward traffic when this condition occurs. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D170 on SRX1500; 17.3 versions prior to 17.3R3-S7 on SRX1500; 17.4 versions prior to 17.4R2-S8, 17.4R3 on SRX1500; 18.1 versions prior to 18.1R3-S8 on SRX1500; 18.2 versions prior to 18.2R3 on SRX1500; 18.3 versions prior to 18.3R2 on SRX1500; 18.4 versions prior to 18.4R2 on SRX1500.

Affected configurations

NVD
Node
juniperjunosMatch15.1x49d100
OR
juniperjunosMatch15.1x49d110
OR
juniperjunosMatch15.1x49d120
OR
juniperjunosMatch15.1x49d130
OR
juniperjunosMatch15.1x49d140
OR
juniperjunosMatch15.1x49d150
OR
juniperjunosMatch15.1x49d160
OR
juniperjunosMatch15.1x49d30
OR
juniperjunosMatch15.1x49d40
OR
juniperjunosMatch15.1x49d50
OR
juniperjunosMatch15.1x49d60
OR
juniperjunosMatch15.1x49d70
OR
juniperjunosMatch15.1x49d75
OR
juniperjunosMatch15.1x49d80
OR
juniperjunosMatch15.1x49d90
AND
junipersrx1500Match-
Node
juniperjunosMatch17.3-
OR
juniperjunosMatch17.3r2
OR
juniperjunosMatch17.3r2-s1
OR
juniperjunosMatch17.3r2-s2
OR
juniperjunosMatch17.3r3-s1
OR
juniperjunosMatch17.3r3-s2
OR
juniperjunosMatch17.3r3-s3
OR
juniperjunosMatch17.3r3-s4
AND
junipersrx1500Match-
Node
juniperjunosMatch17.4-
OR
juniperjunosMatch17.4r1
OR
juniperjunosMatch17.4r1-s1
OR
juniperjunosMatch17.4r1-s2
OR
juniperjunosMatch17.4r1-s4
OR
juniperjunosMatch17.4r1-s6
OR
juniperjunosMatch17.4r1-s7
OR
juniperjunosMatch17.4r2
OR
juniperjunosMatch17.4r2-s1
OR
juniperjunosMatch17.4r2-s3
OR
juniperjunosMatch17.4r2-s4
AND
junipersrx1500Match-
Node
juniperjunosMatch18.1-
OR
juniperjunosMatch18.1r2
OR
juniperjunosMatch18.1r2-s1
OR
juniperjunosMatch18.1r2-s2
OR
juniperjunosMatch18.1r2-s4
OR
juniperjunosMatch18.1r3
OR
juniperjunosMatch18.1r3-s2
OR
juniperjunosMatch18.1r3-s3
OR
juniperjunosMatch18.1r3-s4
AND
junipersrx1500Match-
Node
juniperjunosMatch18.2-
OR
juniperjunosMatch18.2r1-s5
OR
juniperjunosMatch18.2r2-s1
OR
juniperjunosMatch18.2r2-s2
OR
juniperjunosMatch18.2r2-s3
OR
juniperjunosMatch18.2r2-s4
AND
junipersrx1500Match-
Node
juniperjunosMatch18.3-
OR
juniperjunosMatch18.3r1
OR
juniperjunosMatch18.3r1-s1
OR
juniperjunosMatch18.3r1-s2
OR
juniperjunosMatch18.3r1-s3
AND
junipersrx1500Match-
Node
juniperjunosMatch18.4-
OR
juniperjunosMatch18.4r1
OR
juniperjunosMatch18.4r1-s2
AND
junipersrx1500Match-
CPENameOperatorVersion
juniper:junosjuniper junoseq15.1x49

CNA Affected

[
  {
    "platforms": [
      "SRX1500"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X49-D170",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S7 (pending)",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S8, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S8",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R3",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R2",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R2",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      }
    ]
  }
]

Related

cvelist 1
symantec 1
nessus 2
nvd 1
prion 1
cvelist
cvelist
CVE-2019-0050 Junos OS: SRX1500: Denial of service due to crash of srxpfe process under heavy traffic conditions.
2019-10-09 00:00:00
symantec
symantec
Juniper Junos CVE-2019-0050 Denial of Service Vulnerability
2019-10-09 00:00:00
nessus
nessus
Junos OS: srxpfe DoS (JSA10972)
2019-11-06 00:00:00
Juniper JSA10970
2020-01-29 00:00:00
nvd
nvd
CVE-2019-0050
2019-10-09 20:15:16
prion
prion
Design/Logic Flaw
2019-10-09 20:15:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.5%

JSON
Related for CVE-2019-0050
cvelist1symantec1nessus2nvd1prion1