Published: 15/01/2019 Updated: 22/07/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Service (DoS). This issue affects both IPv4 and IPv6 packet processing. Affected releases are Juniper Networks Junos OS on QFX and PTX Series: 17.4 versions before 17.4R2-S1, 17.4R3; 18.1 versions before 18.1R3-S1; 18.2 versions before 18.2R1-S3, 18.2R2; 17.2X75 versions before 17.2X75-D91, 17.2X75-D100.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos 17.2x75
juniper junos 17.4
juniper junos 18.2

Before you slink off to the pub, be sure to patch these 19 serious vulns in Juniper Networks kit

The Register • Richard Chirgwin • 10 Jan 2019

Happy New Year from the Gin Palace

Juniper Networks has had its first big bug day in months, with 19 patches announced covering everything from third-party package catchups to critical errors in password handling. For the sake of organisation, let's pick up patches in the Junos OS first (there being so many patches, The Register will focus on those rated "High" and "Critical"). First on the critical list is CVE-2019-0006, which affects Junos OS 14.1X53, 15.1, and 15.1X53 running on EX, QFX and MX units. A crafted HTTP packet can ...

CVE-2019-0014

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect