Lucene search

[email protected]CVE-2019-0067

HistoryOct 09, 2019 - 8:15 p.m.

CVE-2019-0067

2019-10-0920:15:17

[email protected]

web.nvd.nist.gov

cve

2019

0067

ipv6

packet

dos

vulnerability

junos os

juniper networks

nvd

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

24.8%

JSON

Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart (vmcore). By continuously sending a specially crafted IPv6 packet, an attacker can repeatedly crash the system causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R6-S2, 16.1R7; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3. This issue does not affect Juniper Networks Junos OS version 15.1 and prior versions.

Affected configurations

NVD

Node

juniperjunosMatch16.1-

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r3-s10

juniperjunosMatch16.1r3-s11

juniperjunosMatch16.1r4

juniperjunosMatch16.1r5-s4

juniperjunosMatch16.1r6-s1

juniperjunosMatch16.2-

juniperjunosMatch16.2r1

juniperjunosMatch16.2r2

juniperjunosMatch16.2r2-s1

juniperjunosMatch16.2r2-s2

juniperjunosMatch16.2r2-s5

juniperjunosMatch16.2r2-s6

juniperjunosMatch16.2r2-s7

juniperjunosMatch16.2r2-s8

juniperjunosMatch16.2r2-s9

juniperjunosMatch17.1-

juniperjunosMatch17.1r1

juniperjunosMatch17.1r2-s1

juniperjunosMatch17.1r2-s10

juniperjunosMatch17.1r2-s2

juniperjunosMatch17.1r2-s3

juniperjunosMatch17.1r2-s4

juniperjunosMatch17.1r2-s5

juniperjunosMatch17.1r2-s6

juniperjunosMatch17.1r2-s7

CPENameOperatorVersion
juniper:junosjuniper junoseq16.1
juniper:junosjuniper junoseq16.2
juniper:junosjuniper junoseq17.1

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	16.1
juniper:junos	juniper junos	eq	16.2
juniper:junos	juniper junos	eq	17.1

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThanOrEqual": "15.1",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R6-S2, 16.1R7",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R2-S10",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA10966

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

6.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

24.8%

JSON

Related for CVE-2019-0067

prion1 nessus2 cvelist1 nvd1 symantec1