CVE-2019-0009 — MEDIUM (5.5)

Vulnerability Description

On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	15.1x53
Juniper	Ex2300	-
Juniper	Ex3400	-

References

http://www.securityfocus.com/bid/106548Third Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10909Vendor Advisory
http://www.securityfocus.com/bid/106548Third Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10909Vendor Advisory

FAQ

What is CVE-2019-0009?

CVE-2019-0009 is a vulnerability with a CVSS score of 5.5 (MEDIUM). On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this i...

How severe is CVE-2019-0009?

CVE-2019-0009 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-0009?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex2300, Juniper Ex3400.