// For flags

CVE-2019-0038

SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D160 on SRX340/SRX345; 17.3 on SRX340/SRX345; 17.4 versions prior to 17.4R2-S3, 17.4R3 on SRX340/SRX345; 18.1 versions prior to 18.1R3-S1 on SRX340/SRX345; 18.2 versions prior to 18.2R2 on SRX340/SRX345; 18.3 versions prior to 18.3R1-S2, 18.3R2 on SRX340/SRX345. This issue does not affect Junos OS releases prior to 15.1X49 on any platform.

Los paquetes creados destinados a la interfaz de gestión (fxp0) de una pasarela de servicios SRX340 o SRX345 pueden crear una condición de denegación de servicio (DoS) debido al agotamiento del espacio de búfer. Este problema sólo afecta a las pasarelas de servicios SRX340 y SRX345. Ningún otro producto o plataforma se ve afectado por esta vulnerabilidad. Las versiones afectadas son el Juniper Networks Junos OS: Versiones 15.1X49 anteriores a 15.1X49-D160 en SRX340/SRX345; 17.3 en SRX340/SRX345; 17.4 versiones anteriores a 17.4R2-S3, 17.4R3 en SRX340/SRX345; 18.1 versiones anteriores a 18.1R3-S1 en SRX340/SRX345; 18.2 versiones anteriores a 18.2R2 en SRX340/SRX345; 18.3 versiones anteriores a 18.3R1-S2, 18.3R2 en SRX340/SRX345. Este problema no afecta a las versiones del Junos OS anteriores a 15.1X49 en ninguna plataforma.

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-10-11 CVE Reserved
  • 2019-04-10 CVE Published
  • 2024-08-31 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
  • CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (2)
URL Tag Source
http://www.securityfocus.com/bid/107873 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
https://kb.juniper.net/JSA10927 2021-10-25
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
-
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
-
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d10
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d10
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d150
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d150
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d20
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d20
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d30
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d30
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d35
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d35
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d40
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d40
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d45
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d45
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d50
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d50
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d55
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d55
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d60
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d60
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d65
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d65
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d70
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d70
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d75
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d75
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d80
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
15.1x49
Search vendor "Juniper" for product "Junos" and version "15.1x49"
d80
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.3
Search vendor "Juniper" for product "Junos" and version "17.3"
-
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.3
Search vendor "Juniper" for product "Junos" and version "17.3"
-
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.4
Search vendor "Juniper" for product "Junos" and version "17.4"
-
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.4
Search vendor "Juniper" for product "Junos" and version "17.4"
-
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.4
Search vendor "Juniper" for product "Junos" and version "17.4"
r2-s1
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.4
Search vendor "Juniper" for product "Junos" and version "17.4"
r2-s1
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.4
Search vendor "Juniper" for product "Junos" and version "17.4"
r2-s2
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
17.4
Search vendor "Juniper" for product "Junos" and version "17.4"
r2-s2
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
-
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
-
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r1
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r1
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r2
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r2
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r2-s1
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r2-s1
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r2-s2
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r2-s2
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r3
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.1
Search vendor "Juniper" for product "Junos" and version "18.1"
r3
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.2
Search vendor "Juniper" for product "Junos" and version "18.2"
-
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.2
Search vendor "Juniper" for product "Junos" and version "18.2"
-
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.2
Search vendor "Juniper" for product "Junos" and version "18.2"
r1
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.2
Search vendor "Juniper" for product "Junos" and version "18.2"
r1
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
-
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
-
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
r1
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
r1
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
r1-s1
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
r1-s1
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
r2
Affected
in Juniper
Search vendor "Juniper"
Srx340
Search vendor "Juniper" for product "Srx340"
--
Safe
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
18.3
Search vendor "Juniper" for product "Junos" and version "18.3"
r2
Affected
in Juniper
Search vendor "Juniper"
Srx345
Search vendor "Juniper" for product "Srx345"
--
Safe