CVE-2019-0048 – EX4300 Series: When a firewall filter is applied to a loopback interface, other firewall filters for multicast traffic may fail
https://notcve.org/view.php?id=CVE-2019-0048
On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multicast addresses 224.0.0.x, but incorrectly matches on 224.x.x.x. Due to this bug, when a firewall filter is applied on the loopback interface, other firewall filters might stop working for multicast traffic. The command 'show firewall filter' can be used to confirm whether the filter is working. This issue only affects the EX4300 switch. • https://kb.juniper.net/JSA10942 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-0046 – Junos OS: EX4300 Series: Denial of Service upon receipt of large number of specific valid packets on management interface.
https://notcve.org/view.php?id=CVE-2019-0046
A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device. A reboot of the device is required to restore service. Continued receipt of these valid broadcast packets will create a sustained Denial of Service (DoS) against the device. Affected releases are Juniper Networks Junos OS: 16.1 versions above and including 16.1R1 prior to 16.1R7-S5; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. Una vulnerabilidad en el demonio pfe-chassisd Chassis Manager (CMLC) en Junos OS de Juniper Networks, permite a un atacante causar una denegación de servicio (DoS) en el dispositivo EX4300 cuando paquetes de difusión válidos específicos crean una condición de tormenta de difusión cuando se recibieron en la interfaz me0 del dispositivo de la serie EX4300. • http://www.securityfocus.com/bid/109272 https://kb.juniper.net/JSA10938 • CWE-400: Uncontrolled Resource Consumption •
CVE-2019-0043 – Junos OS: RPD process crashes upon receipt of a specific SNMP packet
https://notcve.org/view.php?id=CVE-2019-0043
In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS : 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D75 on SRX Series; 14.1X53 versions prior to 14.1X53-D48 on EX/QFX series; 15.1 versions prior to 15.1R4-S9, 15.1R7-S2; 15.1F6 versions prior to 15.1F6-S11; 15.1X49 versions prior to 15.1X49-D141, 15.1X49-D144, 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX Series; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400 Series; 15.1X54 on ACX Series; 16.1 versions prior to 16.1R3-S10, 16.1R4-S11, 16.1R6-S5, 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S8, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R1-S1, 18.1R2-S1, 18.1R3; 18.2X75 versions prior to 18.2X75-D10. En entornos MPLS, la recepción de un paquete SNMP específico puede provocar que el proceso rpd (Routing Protocol Daemon) se cierre inesperadamente y se reinicie. • https://kb.juniper.net/JSA10935 • CWE-404: Improper Resource Shutdown or Release •
CVE-2019-0041 – Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface.
https://notcve.org/view.php?id=CVE-2019-0041
On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on EX4300-MP Series. This issue does not affect any other EX series devices. En los dispositivos de la serie EX4300-MP con cualquier filtro lo0 aplicado, el tráfico de la red de tránsito puede alcanzar el plano de control por medio de la interfaz de bucle invertido (lo0). • https://kb.juniper.net/JSA10933 • CWE-284: Improper Access Control •
CVE-2019-0039 – Junos OS: Login credentials are vulnerable to brute force attacks through the REST API
https://notcve.org/view.php?id=CVE-2019-0039
If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password policy can increase the likelihood of success from brute force attacks. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D160; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D495, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S3; 16.1X65 versions prior to 16.1X65-D49; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R1-S6, 17.4R2-S2; 18.1 versions prior to 18.1R2-S4, 18.1R3-S1; 18.2 versions prior to 18.2R1-S5; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S1. Si la API REST está activada, las credenciales de inicio de sesión en Junos OS son vulnerables a los ataques por fuerza bruta. • http://www.securityfocus.com/bid/107899 https://kb.juniper.net/JSA10928 • CWE-307: Improper Restriction of Excessive Authentication Attempts •