CVE-2019-0008 (GCVE-0-2019-0008)

Vulnerability from cvelistv5 – Published: 2019-04-10 20:13 – Updated: 2024-09-16 16:17
VLAI?
Summary
A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2.
Severity ?
9.8 (Critical)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-121 - Stack based buffer overflow vulnerability
Assigner
References
https://kb.juniper.net/JSA10930 x_refsource_CONFIRM
http://www.securityfocus.com/bid/107897 vdb-entryx_refsource_BID
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 14.1X53
Affected: 15.1X53 , < 15.1X53-D235 (custom)
Affected: 17.1 , < 17.1R3 (custom)
Affected: 18.1 , < 18.1R3-S1, 18.1R4 (custom)
Affected: 18.2 , < 18.2R2 (custom)
Affected: 18.3 , < 18.3R2 (custom)
Create a notification for this product.
    Juniper Networks Junos OS Affected: 17.2 , < 17.2R3 (custom)
Affected: 17.3 , < 17.3R3-S2, 17.3R4 (custom)
Affected: 17.4 , < 17.4R2-S1, 17.4R3 (custom)
Create a notification for this product.
    Juniper Networks Junos OS Affected: 18.2X75 , < 18.2X75-D30 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.344Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10930"
          },
          {
            "name": "107897",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107897"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "QFX5000 series, EX4300, EX4600"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "status": "affected",
              "version": "14.1X53"
            },
            {
              "lessThan": "15.1X53-D235",
              "status": "affected",
              "version": "15.1X53",
              "versionType": "custom"
            },
            {
              "lessThan": "17.1R3",
              "status": "affected",
              "version": "17.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.1R3-S1, 18.1R4",
              "status": "affected",
              "version": "18.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2R2",
              "status": "affected",
              "version": "18.2",
              "versionType": "custom"
            },
            {
              "lessThan": "18.3R2",
              "status": "affected",
              "version": "18.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "QFX5000 series,  EX4300, EX4600"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "17.2R3",
              "status": "affected",
              "version": "17.2",
              "versionType": "custom"
            },
            {
              "lessThan": "17.3R3-S2, 17.3R4",
              "status": "affected",
              "version": "17.3",
              "versionType": "custom"
            },
            {
              "lessThan": "17.4R2-S1, 17.4R3",
              "status": "affected",
              "version": "17.4",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "18.2X75-D30",
              "status": "affected",
              "version": "18.2X75",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack based buffer overflow vulnerability",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-15T09:06:04",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10930"
        },
        {
          "name": "107897",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107897"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 15.1X53-D235, 17.1R3, 17.2R3, 17.3R3-S2, 17.3R4, 17.4R2-S1, 17.4R3, 18.1R3-S1, 18.1R4, 18.2R2, 18.2X75-D30, 18.3R2, 18.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10930",
        "defect": [
          "1371400"
        ],
        "discovery": "USER"
      },
      "title": "QFX5000 Series, EX4300, EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2019-04-10T16:00:00.000Z",
          "ID": "CVE-2019-0008",
          "STATE": "PUBLIC",
          "TITLE": "QFX5000 Series, EX4300, EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "QFX5000 series, EX4300, EX4600",
                            "version_affected": "=",
                            "version_name": "14.1X53",
                            "version_value": "14.1X53"
                          },
                          {
                            "platform": "QFX5000 series, EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "15.1X53",
                            "version_value": "15.1X53-D235"
                          },
                          {
                            "platform": "QFX5000 series, EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "17.1",
                            "version_value": "17.1R3"
                          },
                          {
                            "platform": "QFX5000 series,  EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "17.2",
                            "version_value": "17.2R3"
                          },
                          {
                            "platform": "QFX5000 series,  EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "17.3",
                            "version_value": "17.3R3-S2, 17.3R4"
                          },
                          {
                            "platform": "QFX5000 series,  EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "17.4",
                            "version_value": "17.4R2-S1, 17.4R3"
                          },
                          {
                            "platform": "QFX5000 series, EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "18.1",
                            "version_value": "18.1R3-S1, 18.1R4"
                          },
                          {
                            "platform": "QFX5000 series, EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.2X75",
                            "version_value": "18.2X75-D30"
                          },
                          {
                            "platform": "QFX5000 series, EX4300, EX4600",
                            "version_affected": "\u003c",
                            "version_name": "18.3",
                            "version_value": "18.3R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.6"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack based buffer overflow vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10930",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10930"
            },
            {
              "name": "107897",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107897"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 15.1X53-D235, 17.1R3, 17.2R3, 17.3R3-S2, 17.3R4, 17.4R2-S1, 17.4R3, 18.1R3-S1, 18.1R4, 18.2R2, 18.2X75-D30, 18.3R2, 18.4R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10930",
          "defect": [
            "1371400"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2019-0008",
    "datePublished": "2019-04-10T20:13:50.973967Z",
    "dateReserved": "2018-10-11T00:00:00",
    "dateUpdated": "2024-09-16T16:17:56.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1x53\", \"versionEndExcluding\": \"15.1x53-d235\", \"matchCriteriaId\": \"042819DE-B469-4360-A524-6E450C125031\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.1\", \"versionEndExcluding\": \"17.1r3\", \"matchCriteriaId\": \"153426AC-018F-42C8-89F8-DF1FE684E4C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.2\", \"versionEndExcluding\": \"17.2r3\", \"matchCriteriaId\": \"47B84768-0474-43BF-BA6B-96E1228DC2DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.3\", \"versionEndExcluding\": \"17.3r3-s2\", \"matchCriteriaId\": \"7C4AA7DC-A6B0-4E19-9C61-FB54228779EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.4\", \"versionEndExcluding\": \"17.4r2-s1\", \"matchCriteriaId\": \"69641840-D130-4C65-8243-FFC27C767E2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"18.1\", \"versionEndExcluding\": \"18.1r3-s1\", \"matchCriteriaId\": \"93187AAA-2A4C-4F2E-A5A0-44EB6209B91D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"18.2\", \"versionEndExcluding\": \"18.2r2\", \"matchCriteriaId\": \"22EAE8BB-9BB7-450B-A033-AEB9276CA179\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"18.2x75\", \"versionEndExcluding\": \"18.2x75-d30\", \"matchCriteriaId\": \"9C8FC105-3629-43BC-BDF8-8ADEACC7C76F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"18.3\", \"versionEndExcluding\": \"18.3r2\", \"matchCriteriaId\": \"7529AAC7-7E0A-4913-8AE0-CDF3179C5DA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C7FCCC1-B151-465A-8327-26DB5DC074F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F69A0E5-B61B-405D-B501-9CB306651CEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"974B6128-ABD2-4D9C-87A1-5F1740DDCB95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBF736F6-ED05-4DC1-96FB-3F35BA5B3EFD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E594D6DC-87F6-40D2-8268-ED6021462168\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:ex4300m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F07B0E0B-D2F2-4CF1-A8EA-A1E8DE83BBB4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1BB20B5-EA30-4E8E-9055-2E629648436A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B425BB1-3C78-42B1-A6C1-216E514191F0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E974B4BC-64C5-4BB6-AF31-D46AF3763416\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79A8847B-4F98-4949-8639-5CD2B411D10F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09EBDE4B-764F-4DF1-844A-BB8A52CD53EF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5200-32c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38D790AD-D00F-4FED-96FE-3046C827356B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5200-48y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAD9AD5C-947D-41EF-9969-FCCEB144984F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5210-64c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B86047DE-A0A0-4698-9414-B66C0FA7B544\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2.\"}, {\"lang\": \"es\", \"value\": \"Una cierta secuencia de paquetes BGP o IPv6 BFD v\\u00e1lidos puede desencadenar un desbordamiento de b\\u00fafer basado en pila en Junos OS Packet Forwarding Engine manager (FXPC), en dispositivos de las series QFX5000, EX4300, EX4600. Este problema puede resultar en un fallo del demonio fxpc o puede llevar a la ejecuci\\u00f3n remota del c\\u00f3digo. Las versiones afectadas son Juniper Networks y Junos OS en QFX serie 5000, EX4300, EX4600: 14.1X53; 15.1X53 versiones anteriores a 15.1X53-D235; 17.1 versiones anteriores a 17.1R3; 17.2 versiones anteriores a 17.2R3; 17.3 versiones anteriores a 17.3R3-S2, 17.3R4; 17.4 versiones anteriores a 17.4R2-S1, 17.4R3; 18.1 versiones anteriores a 18.1R3-S1, 18.1R4; 18.2 versiones anteriores a 18.2R2; 18.2X75 versiones anteriores a 18.2X75-D30; 18.3 versiones anteriores a 18.3R2.\"}]",
      "id": "CVE-2019-0008",
      "lastModified": "2024-11-21T04:16:02.183",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-04-10T20:29:00.380",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/107897\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10930\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/107897\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10930\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-121\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-0008\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2019-04-10T20:29:00.380\",\"lastModified\":\"2024-11-21T04:16:02.183\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2.\"},{\"lang\":\"es\",\"value\":\"Una cierta secuencia de paquetes BGP o IPv6 BFD v\u00e1lidos puede desencadenar un desbordamiento de b\u00fafer basado en pila en Junos OS Packet Forwarding Engine manager (FXPC), en dispositivos de las series QFX5000, EX4300, EX4600. Este problema puede resultar en un fallo del demonio fxpc o puede llevar a la ejecuci\u00f3n remota del c\u00f3digo. Las versiones afectadas son Juniper Networks y Junos OS en QFX serie 5000, EX4300, EX4600: 14.1X53; 15.1X53 versiones anteriores a 15.1X53-D235; 17.1 versiones anteriores a 17.1R3; 17.2 versiones anteriores a 17.2R3; 17.3 versiones anteriores a 17.3R3-S2, 17.3R4; 17.4 versiones anteriores a 17.4R2-S1, 17.4R3; 18.1 versiones anteriores a 18.1R3-S1, 18.1R4; 18.2 versiones anteriores a 18.2R2; 18.2X75 versiones anteriores a 18.2X75-D30; 18.3 versiones anteriores a 18.3R2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1x53\",\"versionEndExcluding\":\"15.1x53-d235\",\"matchCriteriaId\":\"042819DE-B469-4360-A524-6E450C125031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.1\",\"versionEndExcluding\":\"17.1r3\",\"matchCriteriaId\":\"153426AC-018F-42C8-89F8-DF1FE684E4C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.2\",\"versionEndExcluding\":\"17.2r3\",\"matchCriteriaId\":\"47B84768-0474-43BF-BA6B-96E1228DC2DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.3\",\"versionEndExcluding\":\"17.3r3-s2\",\"matchCriteriaId\":\"7C4AA7DC-A6B0-4E19-9C61-FB54228779EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.4\",\"versionEndExcluding\":\"17.4r2-s1\",\"matchCriteriaId\":\"69641840-D130-4C65-8243-FFC27C767E2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.1\",\"versionEndExcluding\":\"18.1r3-s1\",\"matchCriteriaId\":\"93187AAA-2A4C-4F2E-A5A0-44EB6209B91D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.2\",\"versionEndExcluding\":\"18.2r2\",\"matchCriteriaId\":\"22EAE8BB-9BB7-450B-A033-AEB9276CA179\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.2x75\",\"versionEndExcluding\":\"18.2x75-d30\",\"matchCriteriaId\":\"9C8FC105-3629-43BC-BDF8-8ADEACC7C76F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.3\",\"versionEndExcluding\":\"18.3r2\",\"matchCriteriaId\":\"7529AAC7-7E0A-4913-8AE0-CDF3179C5DA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:14.1x53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C7FCCC1-B151-465A-8327-26DB5DC074F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F69A0E5-B61B-405D-B501-9CB306651CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"974B6128-ABD2-4D9C-87A1-5F1740DDCB95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBF736F6-ED05-4DC1-96FB-3F35BA5B3EFD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E594D6DC-87F6-40D2-8268-ED6021462168\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:ex4300m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F07B0E0B-D2F2-4CF1-A8EA-A1E8DE83BBB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1BB20B5-EA30-4E8E-9055-2E629648436A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B425BB1-3C78-42B1-A6C1-216E514191F0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E974B4BC-64C5-4BB6-AF31-D46AF3763416\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79A8847B-4F98-4949-8639-5CD2B411D10F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09EBDE4B-764F-4DF1-844A-BB8A52CD53EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5200-32c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38D790AD-D00F-4FED-96FE-3046C827356B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5200-48y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAD9AD5C-947D-41EF-9969-FCCEB144984F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5210-64c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B86047DE-A0A0-4698-9414-B66C0FA7B544\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/107897\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10930\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107897\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.