CVSS: 7.5EPSS: 1%CPEs: 75EXPL: 0CVE-2019-0001 – Junos OS: MX Series: uncontrolled recursion and crash in Broadband Edge subscriber management daemon (bbe-smgd).
https://notcve.org/view.php?id=CVE-2019-0001
Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result in an extended denial of service condition for the device. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S1; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. La recepción de un paquete mal formado en dispositivos MX Series con una configuración vlan dinámica puede desencadenar un bucle de recursión no controlado en el demonio de gestión de suscriptores Broadband Edge (bbe-smgd) y conducir a un alto uso de CPU y el cierre inesperado del servicio bbe-smgd. La recepción repetida del mismo paquete puede resultar en una condición de denegación de servicio (DoS) extendida para los dispositivos. • http://www.securityfocus.com/bid/106541 https://kb.juniper.net/JSA10900 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKFSHPMOZL7MDWU5RYOTIBTRWSZ4Z6X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7CPKBW4QZ4VIY4UXIUVUSHRJ4R2FROE • CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 147EXPL: 0CVE-2019-0012 – Junos OS: rpd crash on VPLS PE upon receipt of specific BGP message
https://notcve.org/view.php?id=CVE-2019-0012
A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. This issue only affects PE routers configured with BGP Auto discovery for LDP VPLS. Other BGP configurations are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D81; 12.3 versions prior to 12.3R12-S12; 12.3X48 versions prior to 12.3X48-D76; 14.1X53 versions prior to 14.1X53-D48; 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1X53-D68; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S1; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3. • http://www.securityfocus.com/bid/106536 https://kb.juniper.net/JSA10912 •
CVSS: 5.5EPSS: 0%CPEs: 95EXPL: 0CVE-2019-0015 – Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot
https://notcve.org/view.php?id=CVE-2019-0015
A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D75; 15.1X49 versions prior to 15.1X49-D150; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. • http://www.securityfocus.com/bid/106668 https://kb.juniper.net/JSA10915 • CWE-613: Insufficient Session Expiration •
CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 0CVE-2019-0011 – Junos OS: Kernel crash after processing specific incoming packet to the out of band management interface (CVE-2019-0011)
https://notcve.org/view.php?id=CVE-2019-0011
The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 17.2X75 versions prior to 17.2X75-D110; 18.1 versions prior to 18.1R2. El kernel de Junos OS se cierra inesperadamente tras procesar un paquete entrante en concreto a la interfaz de gestión de banda (como fxp0, me0, em0, vme0) destinada a otra dirección. Mediante el envío continuo de este tipo de paquete, un atacante puede cerrar repetidamente el kernel, provocando una denegación de servicio (DoS) prolongada. • http://www.securityfocus.com/bid/106534 https://kb.juniper.net/JSA10911 •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2019-0009 – Junos OS: EX2300 and EX3400: High disk I/O operations may disrupt the communication between RE and PFE
https://notcve.org/view.php?id=CVE-2019-0009
On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2. En las series EX2300 y EX3400, las operaciones high disk I/O podrían interrumpir las comunicaciones entre el motor de enrutamiento (RE) y el motor de reenvío de paquetes (PFE). • http://www.securityfocus.com/bid/106548 https://kb.juniper.net/JSA10909 •