Vulnerability Description
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 14.1x53 |
| Juniper | Ex2300 | - |
| Juniper | Ex2300-C | - |
| Juniper | Ex3400 | - |
| Juniper | Ex4600 | - |
| Juniper | Ex4650 | - |
| Juniper | Qfx3500 | - |
| Juniper | Qfx3600 | - |
| Juniper | Qfx5100 | - |
| Juniper | Qfx5110 | - |
| Juniper | Qfx5120 | - |
| Juniper | Qfx5200 | - |
| Juniper | Qfx5210 | - |
| Juniper | Gfx3600 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106665Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10905Vendor Advisory
- http://www.securityfocus.com/bid/106665Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10905Vendor Advisory
FAQ
What is CVE-2019-0005?
CVE-2019-0005 is a vulnerability with a CVSS score of 5.3 (MEDIUM). On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been b...
How severe is CVE-2019-0005?
CVE-2019-0005 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-0005?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex2300, Juniper Ex2300-C, Juniper Ex3400, Juniper Ex4600.