Vulnerability Description
On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. This issue affect both IPv4 and IPv6 firewall filter.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 15.1x53 |
| Juniper | Ex2300 | - |
| Juniper | Ex3400 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106669Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10901Vendor Advisory
- https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summaVendor Advisory
- http://www.securityfocus.com/bid/106669Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10901Vendor Advisory
- https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summaVendor Advisory
FAQ
What is CVE-2019-0002?
CVE-2019-0002 is a vulnerability with a CVSS score of 9.8 (CRITICAL). On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the c...
How severe is CVE-2019-0002?
CVE-2019-0002 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-0002?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex2300, Juniper Ex3400.