Lucene search

[email protected]CVE-2018-0054

HistoryOct 10, 2018 - 6:29 p.m.

CVE-2018-0054

2018-10-1018:29:02

CWE-400

[email protected]

web.nvd.nist.gov

cve-2018-0054

qfx5000

ex4600

ethernet pause frames

arp packet storm

egress interface congestion

routing protocol

bgp

peering flaps

junos os

nvd

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

23.6%

JSON

On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also be displayed: fpc0 dcbcm_check_stuck_buffers: Buffers are stuck on queue 7 of port 45 This issue only affects the QFX5000 Series products (QFX5100, QFX5110, QFX5200, QFX5210) and the EX4600 switch. No other platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on QFX5000 Series and EX4600; 15.1 versions prior to 15.1R7, 15.1R8 on QFX5000 Series and EX4600; 15.1X53 versions prior to 15.1X53-D233 on QFX5000 Series and EX4600; 16.1 versions prior to 16.1R7 on QFX5000 Series and EX4600; 16.2 versions prior to 16.2R3 on QFX5000 Series and EX4600; 17.1 versions prior to 17.1R2-S9, 17.1R3 on QFX5000 Series and EX4600; 17.2 versions prior to 17.2R2-S6, 17.2R3 on QFX5000 Series and EX4600; 17.2X75 versions prior to 17.2X75-D42 on QFX5000 Series and EX4600; 17.3 versions prior to 17.3R3 on QFX5000 Series and EX4600; 17.4 versions prior to 17.4R2 on QFX5000 Series and EX4600; 18.1 versions prior to 18.1R2 on QFX5000 Series and EX4600.

Affected configurations

NVD

Node

juniperjunosMatch14.1x53

juniperjunosMatch14.1x53d10

juniperjunosMatch14.1x53d121

juniperjunosMatch14.1x53d15

juniperjunosMatch14.1x53d16

juniperjunosMatch14.1x53d25

juniperjunosMatch14.1x53d26

juniperjunosMatch14.1x53d27

juniperjunosMatch14.1x53d30

juniperjunosMatch14.1x53d35

juniperjunosMatch14.1x53d40

juniperjunosMatch14.1x53d42

juniperjunosMatch14.1x53d43

juniperjunosMatch14.1x53d44

juniperjunosMatch14.1x53d45

juniperjunosMatch14.1x53d46

AND

juniperex4600Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch15.1f2

juniperjunosMatch15.1f3

juniperjunosMatch15.1f4

juniperjunosMatch15.1f5

juniperjunosMatch15.1f6

juniperjunosMatch15.1f7

juniperjunosMatch15.1r1

juniperjunosMatch15.1r2

juniperjunosMatch15.1r3

juniperjunosMatch15.1r4

juniperjunosMatch15.1r5

juniperjunosMatch15.1r6

AND

juniperex4600Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch15.1x53

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

juniperjunosMatch15.1x53d210

juniperjunosMatch15.1x53d230

juniperjunosMatch15.1x53d231

juniperjunosMatch15.1x53d232

juniperjunosMatch15.1x53d25

juniperjunosMatch15.1x53d30

juniperjunosMatch15.1x53d32

juniperjunosMatch15.1x53d33

juniperjunosMatch15.1x53d34

juniperjunosMatch15.1x53d40

juniperjunosMatch15.1x53d45

AND

juniperex4600Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch16.1

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r4

juniperjunosMatch16.1r5

juniperjunosMatch16.1r6

AND

juniperex4600Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch16.2

juniperjunosMatch16.2r1

juniperjunosMatch16.2r2

AND

juniperex3400Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch17.1

juniperjunosMatch17.1r1

AND

juniperex3400Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch17.2

juniperjunosMatch17.2r1

AND

juniperex3400Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch17.2x75

juniperjunosMatch17.2x75d50

AND

juniperex3400Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch17.3

juniperjunosMatch17.3r1

juniperjunosMatch17.3r2

AND

juniperex3400Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch17.4

juniperjunosMatch17.4r1

AND

juniperex3400Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

Node

juniperjunosMatch18.1

juniperjunosMatch18.1r1

AND

juniperex3400Match-

juniperqfx5100Match-

juniperqfx5110Match-

juniperqfx5120Match-

juniperqfx5200Match-

juniperqfx5210Match-

CPENameOperatorVersion
juniper:junosjuniper junoseq14.1x53

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	14.1x53

CNA Affected

[
  {
    "platforms": [
      "QFX5000 Series and EX4600"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1X53-D47",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R7, 15.1R8",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X53-D233",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R7",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R3",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R2-S9, 17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R2-S6, 17.2R3",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2X75-D42",
        "status": "affected",
        "version": "17.2X75",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R2",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securitytracker.com/id/1041855

kb.juniper.net/JSA10888

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

3.3 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

23.6%

JSON

Related for CVE-2018-0054

prion1 cvelist1 nvd1