CVE-2018-0022 Junos OS: Mbuf leak due to processing MPLS packets in VPLS network.

🗓️ 11 Apr 2018 19:00:00Reported by juniperType

Junos OS: Mbuf leak in VPLS network due to MPLS packet processing

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	Junos OS: Mbuf leak due to processing MPLS packets in VPLS network.	11 Apr 201819:29	–	attackerkb
BDU FSTEC	The vulnerability of the Junos operating system, related to uncontrolled resource consumption, allows a perpetrator to trigger a service failure.	7 Jun 201800:00	–	bdu_fstec
CISA	Juniper Networks Releases Security Updates	12 Apr 201800:00	–	cisa
CVE	CVE-2018-0022	11 Apr 201819:00	–	cve
EUVD	EUVD-2018-0847	7 Oct 202500:30	–	euvd
Tenable Nessus	Juniper Junos VPLS Routing MPLS Packet Handling mbuf Exhaustion Remote DoS (JSA10855)	20 Apr 201800:00	–	nessus
NVD	CVE-2018-0022	11 Apr 201819:29	–	nvd
OSV	CVE-2018-0022	11 Apr 201819:29	–	osv
Prion	Design/Logic Flaw	11 Apr 201819:29	–	prion

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "12.1X46-D76",
        "status": "affected",
        "version": "12.1X46",
        "versionType": "custom"
      },
      {
        "lessThan": "12.3X48-D66, 12.3X48-D70",
        "status": "affected",
        "version": "12.3X48",
        "versionType": "custom"
      },
      {
        "lessThan": "14.1R9",
        "status": "affected",
        "version": "14.1",
        "versionType": "custom"
      },
      {
        "lessThan": "14.1X53-D47",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "14.2R8",
        "status": "affected",
        "version": "14.2",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X49-D131, 15.1X49-D140",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R3-S8, 16.1R4-S6, 16.1R5",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R1-S6, 16.2R2-S5, 16.2R3",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R1-S7, 17.1R2-S6, 17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R1-S5, 17.2R2",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "EX2300/EX3400"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D58",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX5200/QFX5110"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D233",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "NFX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D471",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX10"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D66",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1040790
securityfocus	www.securityfocus.com/bid/103740
kb	www.kb.juniper.net/JSA10855

05 May 2018 09:57Current

7.6High risk

Vulners AI Score7.6

CVSS 37.5

EPSS0.01351