CVE-2019-0011
Junos OS: Kernel crash after processing specific incoming packet to the out of band management interface (CVE-2019-0011)
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 17.2X75 versions prior to 17.2X75-D110; 18.1 versions prior to 18.1R2.
El kernel de Junos OS se cierra inesperadamente tras procesar un paquete entrante en concreto a la interfaz de gestión de banda (como fxp0, me0, em0, vme0) destinada a otra dirección. Mediante el envío continuo de este tipo de paquete, un atacante puede cerrar repetidamente el kernel, provocando una denegación de servicio (DoS) prolongada. Las versiones afectadas son Juniper Networks Junos OS: 17.2 en versiones anteriores a la 17.2R1-S7 y la 17.2R3; 17.3 en versiones anteriores a la 17.3R3-S3; 17.4 en versiones anteriores a la 17.4R1-S4 y la 17.4R2; 17.2X75 en versiones anteriores a la 17.2X75-D110 y 18.1 en versiones anteriores a la 18.1R2.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-10-11 CVE Reserved
- 2019-01-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/106534 | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kb.juniper.net/JSA10911 | 2022-04-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1-s4 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1-s5 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2 Search vendor "Juniper" for product "Junos" and version "17.2" | r1-s6 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | r3-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | r3-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r1-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | - |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | d100 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | d102 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | d50 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | d70 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | d90 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.2x75 Search vendor "Juniper" for product "Junos" and version "17.2x75" | d92 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | - |
Affected
| ||||||