Vulnerability Description
The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D77; 15.1 versions prior to 15.1F6-S10, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R7; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R2-S3, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 12.1x46 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/106519Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10913PatchVendor Advisory
- http://www.securityfocus.com/bid/106519Third Party AdvisoryVDB Entry
- https://kb.juniper.net/JSA10913PatchVendor Advisory
FAQ
What is CVE-2019-0013?
CVE-2019-0013 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended ...
How severe is CVE-2019-0013?
CVE-2019-0013 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-0013?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos.