CVE-2019-0011 — MEDIUM (6.5)

Vulnerability Description

The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 17.2X75 versions prior to 17.2X75-D110; 18.1 versions prior to 18.1R2.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	17.2

References

http://www.securityfocus.com/bid/106534Broken LinkThird Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10911Vendor Advisory
http://www.securityfocus.com/bid/106534Broken LinkThird Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10911Vendor Advisory

FAQ

What is CVE-2019-0011?

CVE-2019-0011 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending thi...

How severe is CVE-2019-0011?

CVE-2019-0011 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-0011?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos.