Lucene search

[email protected]CVE-2019-0067

HistoryOct 09, 2019 - 8:15 p.m.

CVE-2019-0067

2019-10-0920:15:17

[email protected]

web.nvd.nist.gov

cve

2019

0067

ipv6

packet

dos

vulnerability

junos os

juniper networks

nvd

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart (vmcore). By continuously sending a specially crafted IPv6 packet, an attacker can repeatedly crash the system causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R6-S2, 16.1R7; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3. This issue does not affect Juniper Networks Junos OS version 15.1 and prior versions.

Affected configurations

NVD

Node

juniperjunosMatch16.1-

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r3-s10

juniperjunosMatch16.1r3-s11

juniperjunosMatch16.1r4

juniperjunosMatch16.1r5-s4

juniperjunosMatch16.1r6-s1

juniperjunosMatch16.2-

juniperjunosMatch16.2r1

juniperjunosMatch16.2r2

juniperjunosMatch16.2r2-s1

juniperjunosMatch16.2r2-s2

juniperjunosMatch16.2r2-s5

juniperjunosMatch16.2r2-s6

juniperjunosMatch16.2r2-s7

juniperjunosMatch16.2r2-s8

juniperjunosMatch16.2r2-s9

juniperjunosMatch17.1-

juniperjunosMatch17.1r1

juniperjunosMatch17.1r2-s1

juniperjunosMatch17.1r2-s10

juniperjunosMatch17.1r2-s2

juniperjunosMatch17.1r2-s3

juniperjunosMatch17.1r2-s4

juniperjunosMatch17.1r2-s5

juniperjunosMatch17.1r2-s6

juniperjunosMatch17.1r2-s7

CPENameOperatorVersion
juniper:junosjuniper junoseq16.1
juniper:junosjuniper junoseq16.2
juniper:junosjuniper junoseq17.1

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	16.1
juniper:junos	juniper junos	eq	16.2
juniper:junos	juniper junos	eq	17.1

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThanOrEqual": "15.1",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R6-S2, 16.1R7",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R2-S10",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA10966

6.1 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for CVE-2019-0067

cvelist1 nvd1 nessus2 prion1 symantec1