1. Home
  2. CVE Database
  3. CVE-2019-0068
MEDIUM · 6.5

CVE-2019-0068

The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repe...

Vulnerability Description

The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D90; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R2-S4, 18.2R3; 18.3 versions prior to 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S1, 19.1R2.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos12.3x48
JuniperCsrx-
JuniperSrx100-
JuniperSrx110-
JuniperSrx1400-
JuniperSrx1500-
JuniperSrx210-
JuniperSrx220-
JuniperSrx240-
JuniperSrx300-
JuniperSrx320-
JuniperSrx340-
JuniperSrx3400-
JuniperSrx345-
JuniperSrx3600-
JuniperSrx4100-
JuniperSrx4200-
JuniperSrx4600-
JuniperSrx5400-
JuniperSrx550-

Related Weaknesses (CWE)

CWE-754

References

FAQ

What is CVE-2019-0068?

CVE-2019-0068 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repe...

How severe is CVE-2019-0068?

CVE-2019-0068 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-0068?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Csrx, Juniper Srx100, Juniper Srx110, Juniper Srx1400.