Lucene search

[email protected]CVE-2018-0006

HistoryJan 10, 2018 - 10:29 p.m.

CVE-2018-0006

2018-01-1022:29:01

CWE-770

[email protected]

web.nvd.nist.gov

cve-2018-0006

vlan

authentication

bbe

subscriber management

memory utilization

denial of service

dhcpv4

dhcpv6

juniper networks

junos os

nvd

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.1%

JSON

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number of pending VLAN authentication requests, leading to excessive memory allocation. This issue only affects devices configured for DHCPv4/v6 over AE auto-sensed VLANs, utilized in Broadband Edge (BBE) deployments. Other configurations are unaffected by this issue. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1R6-S2, 15.1R7; 16.1 versions prior to 16.1R5-S1, 16.1R6; 16.2 versions prior to 16.2R2-S2, 16.2R3; 17.1 versions prior to 17.1R2-S5, 17.1R3; 17.2 versions prior to 17.2R2.

Affected configurations

NVD

Node

juniperjunosMatch15.1

juniperjunosMatch15.1r1

juniperjunosMatch15.1r2

juniperjunosMatch15.1r3

juniperjunosMatch15.1r4

juniperjunosMatch15.1r5

juniperjunosMatch15.1r7

Node

juniperjunosMatch16.1

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r4

juniperjunosMatch16.1r6

Node

juniperjunosMatch16.2r1

juniperjunosMatch16.2r3

Node

juniperjunosMatch17.1r1

juniperjunosMatch17.1r3

Node

juniperjunosMatch17.2r1

CPENameOperatorVersion
juniper:junosjuniper junoseq15.1

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	15.1

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1R6-S2, 15.1R7",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R5-S1, 16.1R6",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R2-S2, 16.2R3",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R2-S5, 17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R2",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securitytracker.com/id/1040184

kb.juniper.net/JSA10834

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.1%

JSON

Related for CVE-2018-0006

cvelist1 nessus1 prion1 nvd1 cisa1