Main Vulnerability Database SB2019071117

SB2019071117 - Input validation error in Juniper Junos OS

Published: July 11, 2019

Security Bulletin ID SB2019071117

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2019-0046)

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the pfe-chassisd Chassis Manager (CMLC) daemon when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface. An attacker can perform a denial of service attack on the affected device.

This issue only affects the EX4300 switch.

Remediation

Install update from vendor's website.

References

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10938&cat=SIRT_1&actp=LIST