Lucene search

[email protected]CVE-2019-0052

HistoryJul 11, 2019 - 8:15 p.m.

CVE-2019-0052

2019-07-1120:15:11

CWE-404

CWE-436

[email protected]

web.nvd.nist.gov

125

srxpfe process

srx series

services gateways

utm module

http packet

processor crash

url-filtering

web-filtering

juniper networks

junos os

nvd

cve-2019-0052

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

44.8%

JSON

The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. The packet is misinterpreted as a regular TCP packet which causes the processor to crash. This issue affects all SRX Series platforms that support URL-Filtering and have web-filtering enabled. Affected releases are Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 17.3 versions on SRX Series; 17.4 versions prior to 17.4R1-S8, 17.4R2-S5, 17.4R3 on SRX Series; 18.1 versions prior to 18.1R3-S6 on SRX Series; 18.2 versions prior to 18.2R2-S1, 18.2R3 on SRX Series; 18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX Series; 18.4 versions prior to 18.4R1-S1, 18.4R2 on SRX Series.

Affected configurations

NVD

Node

juniperjunosMatch12.3x48d10

juniperjunosMatch12.3x48d15

juniperjunosMatch12.3x48d25

juniperjunosMatch12.3x48d30

juniperjunosMatch12.3x48d35

juniperjunosMatch12.3x48d40

juniperjunosMatch12.3x48d45

juniperjunosMatch12.3x48d50

juniperjunosMatch12.3x48d55

juniperjunosMatch12.3x48d60

juniperjunosMatch12.3x48d65

juniperjunosMatch12.3x48d70

juniperjunosMatch12.3x48d75

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch15.1x49-

juniperjunosMatch15.1x49d10

juniperjunosMatch15.1x49d100

juniperjunosMatch15.1x49d110

juniperjunosMatch15.1x49d120

juniperjunosMatch15.1x49d130

juniperjunosMatch15.1x49d140

juniperjunosMatch15.1x49d150

juniperjunosMatch15.1x49d160

juniperjunosMatch15.1x49d170

juniperjunosMatch15.1x49d180

juniperjunosMatch15.1x49d20

juniperjunosMatch15.1x49d30

juniperjunosMatch15.1x49d35

juniperjunosMatch15.1x49d40

juniperjunosMatch15.1x49d45

juniperjunosMatch15.1x49d50

juniperjunosMatch15.1x49d55

juniperjunosMatch15.1x49d60

juniperjunosMatch15.1x49d65

juniperjunosMatch15.1x49d70

juniperjunosMatch15.1x49d75

juniperjunosMatch15.1x49d80

juniperjunosMatch15.1x49d90

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch17.3-

juniperjunosMatch17.3r1

juniperjunosMatch17.3r2

juniperjunosMatch17.3r2-s1

juniperjunosMatch17.3r2-s2

juniperjunosMatch17.3r3

juniperjunosMatch17.3r3-s1

juniperjunosMatch17.3r3-s2

juniperjunosMatch17.3r3-s3

juniperjunosMatch17.3r3-s4

juniperjunosMatch17.3r3-s5

AND

junipersr4600Match-

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch17.4-

juniperjunosMatch17.4r1

juniperjunosMatch17.4r1-s1

juniperjunosMatch17.4r1-s2

juniperjunosMatch17.4r1-s4

juniperjunosMatch17.4r1-s6

juniperjunosMatch17.4r1-s7

juniperjunosMatch17.4r2

juniperjunosMatch17.4r2-s1

juniperjunosMatch17.4r2-s2

juniperjunosMatch17.4r2-s3

juniperjunosMatch17.4r2-s4

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch18.1-

juniperjunosMatch18.1r1

juniperjunosMatch18.1r2

juniperjunosMatch18.1r2-s1

juniperjunosMatch18.1r2-s2

juniperjunosMatch18.1r2-s4

juniperjunosMatch18.1r3

juniperjunosMatch18.1r3-s2

juniperjunosMatch18.1r3-s3

juniperjunosMatch18.1r3-s4

juniperjunosMatch18.1r3-s5

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch18.2-

juniperjunosMatch18.2r1

juniperjunosMatch18.2r1-s3

juniperjunosMatch18.2r1-s4

juniperjunosMatch18.2r1-s5

juniperjunosMatch18.2r2

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch18.3-

juniperjunosMatch18.3r1

juniperjunosMatch18.3r1-s1

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

Node

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

AND

junipersrx1500Match-

junipersrx300Match-

junipersrx4000Match-

junipersrx4600Match-

junipersrx5400Match-

junipersrx550Match-

junipersrx5600Match-

junipersrx5800Match-

CPENameOperatorVersion
juniper:junosjuniper junoseq12.3x48

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	12.3x48

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "affected",
        "version": "12.3X48 versions prior to 12.3X48-D85 on SRX Series"
      },
      {
        "status": "affected",
        "version": "15.1X49 versions prior to 15.1X49-D181 and 15.1X49-D190 on SRX Series"
      },
      {
        "status": "affected",
        "version": "17.3 versions on SRX Series"
      },
      {
        "status": "affected",
        "version": "17.4 versions prior to 17.4R1-S8 and to 17.4R2-S5 and to 17.4R3 on SRX Series"
      },
      {
        "status": "affected",
        "version": "18.1 versions prior to 18.1R3-S6 on SRX Series"
      },
      {
        "status": "affected",
        "version": "18.2 versions prior to 18.2R2-S1 and to 18.2R3 on SRX Series"
      },
      {
        "status": "affected",
        "version": "18.3 versions prior to 18.3R1-S2 and to 18.3R2 on SRX Series"
      },
      {
        "status": "affected",
        "version": "18.4 versions prior to 18.4R1-S1 and to 18.4R2 on SRX Series"
      }
    ]
  }
]

References

www.securityfocus.com/bid/109145

kb.juniper.net/JSA10946

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

44.8%

JSON

Related for CVE-2019-0052

nvd1 cvelist1 prion1 nessus1