CVE-2019-0038
SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D160 on SRX340/SRX345; 17.3 on SRX340/SRX345; 17.4 versions prior to 17.4R2-S3, 17.4R3 on SRX340/SRX345; 18.1 versions prior to 18.1R3-S1 on SRX340/SRX345; 18.2 versions prior to 18.2R2 on SRX340/SRX345; 18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX340/SRX345. This issue does not affect Junos OS releases prior to 15.1X49 on any platform.
Los paquetes creados destinados a la interfaz de gestión (fxp0) de una pasarela de servicios SRX340 o SRX345 pueden crear una condición de denegación de servicio (DoS) debido al agotamiento del espacio de búfer. Este problema sólo afecta a las pasarelas de servicios SRX340 y SRX345. Ningún otro producto o plataforma se ve afectado por esta vulnerabilidad. Las versiones afectadas son el Juniper Networks Junos OS: Versiones 15.1X49 anteriores a 15.1X49-D160 en SRX340/SRX345; 17.3 en SRX340/SRX345; 17.4 versiones anteriores a 17.4R2-S3, 17.4R3 en SRX340/SRX345; 18.1 versiones anteriores a 18.1R3-S1 en SRX340/SRX345; 18.2 versiones anteriores a 18.2R2 en SRX340/SRX345; 18.3 versiones anteriores a 18.3R1-S2, 18.3R2 en SRX340/SRX345. Este problema no afecta a las versiones del Junos OS anteriores a 15.1X49 en ninguna plataforma.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-10-11 CVE Reserved
- 2019-04-10 CVE Published
- 2024-08-31 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107873 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kb.juniper.net/JSA10927 | 2021-10-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d10 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d10 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d150 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d150 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d20 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d20 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d30 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d30 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d35 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d35 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d40 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d40 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d45 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d45 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d50 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d50 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d55 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d55 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d60 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d60 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d65 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d65 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d70 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d70 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d75 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d75 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d80 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 15.1x49 Search vendor "Juniper" for product "Junos" and version "15.1x49" | d80 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.3 Search vendor "Juniper" for product "Junos" and version "17.3" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r2-s1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r2-s1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r2-s2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 17.4 Search vendor "Juniper" for product "Junos" and version "17.4" | r2-s2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r2-s1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r2-s1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r2-s2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r2-s2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r3 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.1 Search vendor "Juniper" for product "Junos" and version "18.1" | r3 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.2 Search vendor "Juniper" for product "Junos" and version "18.2" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.2 Search vendor "Juniper" for product "Junos" and version "18.2" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.2 Search vendor "Juniper" for product "Junos" and version "18.2" | r1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.2 Search vendor "Juniper" for product "Junos" and version "18.2" | r1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | - |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | r1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | r1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | r1-s1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | r1-s1 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | r2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx340 Search vendor "Juniper" for product "Srx340" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 18.3 Search vendor "Juniper" for product "Junos" and version "18.3" | r2 |
Affected
| in | Juniper Search vendor "Juniper" | Srx345 Search vendor "Juniper" for product "Srx345" | - | - |
Safe
|