CVE-2018-0030
Junos OS: MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) and PTX1K: Line card may crash upon receipt of specific MPLS packet.
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) installed and PTX1K: 15.1F versions prior to 15.1F6-S10; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D46; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D70, 17.2X75-D90; 17.3 versions prior to 17.3R1-S4, 17.3R2, 17.4 versions prior to 17.4R1-S2, 17.4R2. Refer to KB25385 for more information about PFE line cards.
La recepción de un paquete MPLS específico podría provocar que las tarjetas de línea MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) o PTX1K se cierre inesperadamente y se reinicie. Mediante el envío continuo de paquetes MPLS, un atacante puede cerrar repetidamente las tarjetas de línea o PTX1K, provocando una denegación de servicio (DoS) prolongada. Las versiones afectadas son Juniper Networks Junos OS con MPC7/8/9 o PTX-FPC3 (FPC-P1, FPC-P2) instalados y PTX1K: 15.1F en versiones anteriores a la 15.1F6-S10; 15.1 en versiones anteriores a la 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 en versiones anteriores a la 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 en versiones anteriores a la 16.1X65-D46; 16.2 en versiones anteriores a la 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 en versiones anteriores a la 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 en versiones anteriores a la 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 en versiones anteriores a la 17.2X75-D70, 17.2X75-D90; 17.3 en versiones anteriores a la 17.3R1-S4, 17.3R2 y 17.4 en versiones anteriores a la 17.4R1-S2, 17.4R2. KB25385 contiene más información sobre las tarjetas de línea PFE.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-11-16 CVE Reserved
- 2018-07-11 CVE Published
- 2024-02-28 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1041325 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kb.juniper.net/JSA10864 | 2019-10-09 | |
| https://kb.juniper.net/KB25385 | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | f4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | r6-s6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1 Search vendor "Juniper" for product "Junos" and version "15.1" | r7 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | r4-s9 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | r5-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | r6-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1 Search vendor "Juniper" for product "Junos" and version "16.1" | r7 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1x65 Search vendor "Juniper" for product "Junos" and version "16.1x65" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1x65 Search vendor "Juniper" for product "Junos" and version "16.1x65" | d30 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1x65 Search vendor "Juniper" for product "Junos" and version "16.1x65" | d35 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.1x65 Search vendor "Juniper" for product "Junos" and version "16.1x65" | d40 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.2 Search vendor "Juniper" for product "Junos" and version "16.2" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.2 Search vendor "Juniper" for product "Junos" and version "16.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.2 Search vendor "Juniper" for product "Junos" and version "16.2" | r2-s5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 16.2 Search vendor "Juniper" for product "Junos" and version "16.2" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.1 Search vendor "Juniper" for product "Junos" and version "17.1" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.1 Search vendor "Juniper" for product "Junos" and version "17.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.1 Search vendor "Juniper" for product "Junos" and version "17.1" | r2-s7 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.1 Search vendor "Juniper" for product "Junos" and version "17.1" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r2-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | d90 |
Affected
| ||||||