CVE-2019-0019 (GCVE-0-2019-0019)

Vulnerability from cvelistv5 – Published: 2019-04-10 20:13 – Updated: 2024-09-16 20:52
VLAI?
Title
BGP packets can trigger rpd crash when BGP tracing is enabled.
Summary
When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1.
Severity ?
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
  • CWE-404 - Improper Resource Shutdown or Release
Assigner
References
https://kb.juniper.net/JSA10931 x_refsource_CONFIRM
http://www.securityfocus.com/bid/107893 vdb-entryx_refsource_BID
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 16.1 , < 16.1R7-S4, 16.1R7-S5 (custom)
Affected: 16.2 , < 16.2R2-S9, 16.2R3 (custom)
Affected: 17.1 , < 17.1R3 (custom)
Affected: 17.2 , < 17.2R3-S1 (custom)
Affected: 17.3 , < 17.3R3-S3, 17.3R3-S4, 17.3R4 (custom)
Affected: 17.4 , < 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3 (custom)
Affected: 18.1 , < 18.1R2-S4, 18.1R3-S4, 18.1R4 (custom)
Affected: 18.2 , < 18.2R2-S2, 18.2R2-S3, 18.2R3 (custom)
Affected: 18.2X75 , < 18.2X75-D40 (custom)
Affected: 18.3 , < 18.3R1-S3, 18.3R2 (custom)
Affected: 18.4 , < 18.4R1-S2, 18.4R2 (custom)
Unaffected: all , < 16.1 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.369Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10931"
          },
          {
            "name": "107893",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107893"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "16.1R7-S4, 16.1R7-S5",
              "status": "affected",
              "version": "16.1",
              "versionType": "custom"
            },
            {
              "lessThan": "16.2R2-S9, 16.2R3",
              "status": "affected",
              "version": "16.2",
              "versionType": "custom"
            },
            {
              "lessThan": "17.1R3",
              "status": "affected",
              "version": "17.1",
              "versionType": "custom"
            },
            {
              "lessThan": "17.2R3-S1",
              "status": "affected",
              "version": "17.2",
              "versionType": "custom"
            },
            {
              "lessThan": "17.3R3-S3, 17.3R3-S4, 17.3R4",
              "status": "affected",
              "version": "17.3",
              "versionType": "custom"
            },
            {
              "lessThan": "17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3",
              "status": "affected",
              "version": "17.4",
              "versionType": "custom"
            },
            {
              "lessThan": "18.1R2-S4, 18.1R3-S4, 18.1R4",
              "status": "affected",
              "version": "18.1",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2R2-S2, 18.2R2-S3, 18.2R3",
              "status": "affected",
              "version": "18.2",
              "versionType": "custom"
            },
            {
              "lessThan": "18.2X75-D40",
              "status": "affected",
              "version": "18.2X75",
              "versionType": "custom"
            },
            {
              "lessThan": "18.3R1-S3, 18.3R2",
              "status": "affected",
              "version": "18.3",
              "versionType": "custom"
            },
            {
              "lessThan": "18.4R1-S2, 18.4R2",
              "status": "affected",
              "version": "18.4",
              "versionType": "custom"
            },
            {
              "lessThan": "16.1",
              "status": "unaffected",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue requires BGP tracing to be enabled."
        }
      ],
      "datePublic": "2019-04-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404 Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-15T07:06:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10931"
        },
        {
          "name": "107893",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107893"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 16.1R7-S4, 16.1R7-S5, 16.2R2-S9, 16.2R3, 17.1R3, 17.2R3-S1, 17.3R3-S3, 17.3R3-S4, 17.3R4, 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3, 18.1R2-S4, 18.1R3-S4, 18.1R4, 18.2R2-S2, 18.2R2-S3, 18.2R3, 18.2X75-D40, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2, 19.1R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10931",
        "defect": [
          "1399141"
        ],
        "discovery": "INTERNAL"
      },
      "title": "BGP packets can trigger rpd crash when BGP tracing is enabled.",
      "workarounds": [
        {
          "lang": "en",
          "value": "The issue can be mitigated by disabling BGP tracing.\n\nUse authentication for BGP (tcp-md5, ipsec, etc.) to mitigate the issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2019-04-10T16:00:00.000Z",
          "ID": "CVE-2019-0019",
          "STATE": "PUBLIC",
          "TITLE": "BGP packets can trigger rpd crash when BGP tracing is enabled."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "16.1",
                            "version_value": "16.1R7-S4, 16.1R7-S5"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "16.2",
                            "version_value": "16.2R2-S9, 16.2R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "17.1",
                            "version_value": "17.1R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "17.2",
                            "version_value": "17.2R3-S1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "17.3",
                            "version_value": "17.3R3-S3, 17.3R3-S4, 17.3R4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "17.4",
                            "version_value": "17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.1",
                            "version_value": "18.1R2-S4, 18.1R3-S4, 18.1R4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.2",
                            "version_value": "18.2R2-S2, 18.2R2-S3, 18.2R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.2X75",
                            "version_value": "18.2X75-D40"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.3",
                            "version_value": "18.3R1-S3, 18.3R2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R1-S2, 18.4R2"
                          },
                          {
                            "version_affected": "!\u003c",
                            "version_name": "all",
                            "version_value": "16.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue requires BGP tracing to be enabled."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.6"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-404 Improper Resource Shutdown or Release"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10931",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10931"
            },
            {
              "name": "107893",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107893"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 16.1R7-S4, 16.1R7-S5, 16.2R2-S9, 16.2R3, 17.1R3, 17.2R3-S1, 17.3R3-S3, 17.3R3-S4, 17.3R4, 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3, 18.1R2-S4, 18.1R3-S4, 18.1R4, 18.2R2-S2, 18.2R2-S3, 18.2R3, 18.2X75-D40, 18.3R1-S3, 18.3R2, 18.4R1-S2, 18.4R2, 19.1R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10931",
          "defect": [
            "1399141"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "The issue can be mitigated by disabling BGP tracing.\n\nUse authentication for BGP (tcp-md5, ipsec, etc.) to mitigate the issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2019-0019",
    "datePublished": "2019-04-10T20:13:51.018749Z",
    "dateReserved": "2018-10-11T00:00:00",
    "dateUpdated": "2024-09-16T20:52:55.235Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"258A380C-1EA0-407D-B7E3-4A2E8820119C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D3E38C1-808C-4BD3-993D-F30855F5390F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"72194CB7-FFDC-4897-9D6E-EA3459DDDEB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"92F35C19-5AD2-4F98-8313-2E880714DF3B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"9677CE18-B955-432F-BA2B-AAE3D0CA0F16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3661BC68-6F32-447F-8D20-FD73FBBED9C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B6097D4-3856-4696-9A26-5B6C0FD9AD6C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC9B5CDE-3A50-4CD3-962A-FA0989939F37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7572C187-4D58-4E0D-A605-B2B13EFF5C6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E34A149E-C2ED-4D86-A105-0A2775654AE7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCEE8D9C-6D64-4A9B-A74A-57A0BF4086C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E889BF9C-BDDF-4A6A-97BB-00A097EF6D91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D45F2C3-20FF-4A91-A440-E109B3CCE7C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"11E055AC-5626-4EBB-8611-17BB1E8AEF15\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A283D32F-1CAF-4A5A-83E1-585F2801771F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"38A40E03-F915-4888-87B0-5950F75F097D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"32F83E8B-A816-4F26-95F8-F0DA7F3DF426\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C433359-BC8B-4E69-BE74-A31EB148083A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"25C7C3D0-A203-4979-8375-A610ADD48E9E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A00CA6FB-8F28-4171-B510-8DBA351E80C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"988D317A-0646-491F-9B97-853E8E208276\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"605F1AD7-5B09-44F0-9017-15AB3EEE559C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DFDD907-5305-4602-8A9C-685AA112C342\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0A756E2-C320-405A-B24F-7C5022649E5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEC6BBCF-6429-4BD8-9728-4A1B0616D7C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2x75:d20:*:*:*:*:*:*\", \"matchCriteriaId\": \"12805C4D-2737-41E4-8950-5B48636765F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.2x75:d5:*:*:*:*:*:*\", \"matchCriteriaId\": \"94667657-E6B9-4245-A30C-3A51202E7551\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5342C3DC-D640-47AB-BD76-3444852988A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AB8585E-EDC6-4400-BEE3-3A6A7C922C90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2ABC574-B3FC-4025-B50D-7F9EEB28C806\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1.\"}, {\"lang\": \"es\", \"value\": \"Cuando la funci\\u00f3n de rastreo BGP (Border Gateway Protocol) est\\u00e1 activada, un mensaje BGP entrante puede provocar que el proceso rpd (Routing Protocol Daemon) del Junos OS se cierre inesperadamente y se reinicie. Cuando el rpd se reinicia despu\\u00e9s de un cierre inesperado, y estos se repiten, puede resultar en una condici\\u00f3n de denegaci\\u00f3n de servicio extendida. Las versiones afectadas son el Juniper Networks Junos OS: 16.1 versiones anteriores a 16.1R7-S4, 16.1R7-S5; 16.2 versiones anteriores a 16.2R2-S9, 16.2R3; 17.1 versiones anteriores a 17.1R3-S1; 17.2 versiones anteriores a 17.2R3-S1; 17.3 versiones anteriores a 17.3R3-S3, 17.3R3-S4, 17.3R4, 17.3R4; 17.4 versiones anteriores a 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versiones anteriores a 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versiones anteriores a 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versiones anteriores a 18.2X75-D40; 18.3 versiones anteriores a 18.3R1-S3, 18.3R2; 18.4 versiones anteriores a 18.4R1-S2, 18.4R2. Este problema no afecta a las versiones de Junos anteriores a la 16.1R1.\"}]",
      "id": "CVE-2019-0019",
      "lastModified": "2024-11-21T04:16:03.790",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV30\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-04-10T20:29:00.413",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/107893\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://kb.juniper.net/JSA10931\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/107893\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://kb.juniper.net/JSA10931\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-404\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-0019\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2019-04-10T20:29:00.413\",\"lastModified\":\"2024-11-21T04:16:03.790\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1.\"},{\"lang\":\"es\",\"value\":\"Cuando la funci\u00f3n de rastreo BGP (Border Gateway Protocol) est\u00e1 activada, un mensaje BGP entrante puede provocar que el proceso rpd (Routing Protocol Daemon) del Junos OS se cierre inesperadamente y se reinicie. Cuando el rpd se reinicia despu\u00e9s de un cierre inesperado, y estos se repiten, puede resultar en una condici\u00f3n de denegaci\u00f3n de servicio extendida. Las versiones afectadas son el Juniper Networks Junos OS: 16.1 versiones anteriores a 16.1R7-S4, 16.1R7-S5; 16.2 versiones anteriores a 16.2R2-S9, 16.2R3; 17.1 versiones anteriores a 17.1R3-S1; 17.2 versiones anteriores a 17.2R3-S1; 17.3 versiones anteriores a 17.3R3-S3, 17.3R3-S4, 17.3R4, 17.3R4; 17.4 versiones anteriores a 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versiones anteriores a 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versiones anteriores a 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versiones anteriores a 18.2X75-D40; 18.3 versiones anteriores a 18.3R1-S3, 18.3R2; 18.4 versiones anteriores a 18.4R1-S2, 18.4R2. Este problema no afecta a las versiones de Junos anteriores a la 16.1R1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"258A380C-1EA0-407D-B7E3-4A2E8820119C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBE35BDC-7739-4854-8BB8-E8600603DE9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC47132-9EEA-4518-8F86-5CD231FBFB61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5A30CE-9498-4007-8E66-FD0CC6CF1836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3E38C1-808C-4BD3-993D-F30855F5390F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"72194CB7-FFDC-4897-9D6E-EA3459DDDEB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.1:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F35C19-5AD2-4F98-8313-2E880714DF3B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9677CE18-B955-432F-BA2B-AAE3D0CA0F16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3661BC68-6F32-447F-8D20-FD73FBBED9C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:16.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B6097D4-3856-4696-9A26-5B6C0FD9AD6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC9B5CDE-3A50-4CD3-962A-FA0989939F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7572C187-4D58-4E0D-A605-B2B13EFF5C6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E34A149E-C2ED-4D86-A105-0A2775654AE7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCEE8D9C-6D64-4A9B-A74A-57A0BF4086C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E889BF9C-BDDF-4A6A-97BB-00A097EF6D91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D45F2C3-20FF-4A91-A440-E109B3CCE7C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E055AC-5626-4EBB-8611-17BB1E8AEF15\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A283D32F-1CAF-4A5A-83E1-585F2801771F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38A40E03-F915-4888-87B0-5950F75F097D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"69FC46D4-39E2-4E2F-A1D3-1001769A7115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F83E8B-A816-4F26-95F8-F0DA7F3DF426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C433359-BC8B-4E69-BE74-A31EB148083A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"25C7C3D0-A203-4979-8375-A610ADD48E9E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A00CA6FB-8F28-4171-B510-8DBA351E80C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"988D317A-0646-491F-9B97-853E8E208276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"605F1AD7-5B09-44F0-9017-15AB3EEE559C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DFDD907-5305-4602-8A9C-685AA112C342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0A756E2-C320-405A-B24F-7C5022649E5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEC6BBCF-6429-4BD8-9728-4A1B0616D7C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:d20:*:*:*:*:*:*\",\"matchCriteriaId\":\"12805C4D-2737-41E4-8950-5B48636765F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2x75:d5:*:*:*:*:*:*\",\"matchCriteriaId\":\"94667657-E6B9-4245-A30C-3A51202E7551\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5342C3DC-D640-47AB-BD76-3444852988A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB8585E-EDC6-4400-BEE3-3A6A7C922C90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2ABC574-B3FC-4025-B50D-7F9EEB28C806\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/107893\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://kb.juniper.net/JSA10931\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107893\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://kb.juniper.net/JSA10931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.