Improper input validation in Juniper Junos OS - CVE-2019-0011
Published: January 9, 2019 / Updated: January 18, 2019
Vulnerability identifier: #VU17088
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-0011
CWE-ID: CWE-20
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Juniper Junos OS
Juniper Junos OS
Detailed vulnerability description
The vulnerability allows an adjacent attacker to cause DoS condition.
The vulnerability exists due to an error when processing malicious input. An adjacent attacker can continuously send a specially crafted packet and cause the kernel to crash.
How to mitigate CVE-2019-0011
The vulnerability has been addressed in the versions 17.2R1-S7, 17.2R3, 17.2X75-D110, 17.3R3-S3, 17.4R1-S4, 17.4R2, 18.1R2, 18.2R1, 18.2X75-D5.