CVE-2019-0031

Junos OS: jdhcpd daemon memory consumption Denial of Service when receiving specific IPv6 DHCP packets.

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhcpd daemon, thus creating a Denial of Service (DoS) condition to clients requesting and not receiving IP addresses. Additionally, some clients which were previously holding IPv6 addresses will not have their IPv6 Identity Association (IA) address and network tables agreed upon by the jdhcpd daemon after the failover event occurs, which leads to more than one interface, and multiple IP addresses, being denied on the client. Affected releases are Juniper Networks Junos OS: 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2.

Los paquetes DHCP IPv6 específicos recibidos por el demonio jdhcpd causarán un problema de consumo de recursos de memoria en un dispositivo Junos OS que utiliza el demonio jdhcpd configurado para responder a las peticiones de IPv6. Una vez iniciado, el consumo de memoria afectará eventualmente a cualquier petición de IPv4 o IPv6 a la que da servicio el demonio jdhcpd, creando así una condición de Denegación de Servicio (DoS) para los clientes que solicitan y no reciben direcciones IP. Además, algunos clientes que anteriormente tenían direcciones IPv6 no tendrán su dirección de Asociación de Identidad (IA) IPv6 y tablas de red acordadas por el demonio jdhcpd después de que ocurra el evento de conmutación por error, lo que conlleva a más de una interfaz y múltiples direcciones IP, siendo negado en el cliente. Las versiones afectadas son Junos Networks Junos OS: 17.4 versiones anteriores a 17.4R2; 18.1 versiones anteriores a 18.1R2.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-10-11 CVE Reserved
2019-04-10 CVE Published
2024-08-31 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption
CWE-770: Allocation of Resources Without Limits or Throttling

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/107874	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://kb.juniper.net/JSA10920	2020-09-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Juniper Search vendor "Juniper"		Junos Search vendor "Juniper" for product "Junos"				>= 17.4 < 17.4r2 Search vendor "Juniper" for product "Junos" and version " >= 17.4 < 17.4r2"		-		Affected
Juniper Search vendor "Juniper"		Junos Search vendor "Juniper" for product "Junos"				>= 18.1 < 18.1r2 Search vendor "Juniper" for product "Junos" and version " >= 18.1 < 18.1r2"		-		Affected