CVE-2019-0013
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D77; 15.1 versions prior to 15.1F6-S10, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R7; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R2-S3, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 12.1X46 < 12.1X46-D77 | affected |
| Juniper Networks | Junos OS | 12.3X48 < 12.3X48-D77 | affected |
| Juniper Networks | Junos OS | 15.1 < 15.1F6-S10, 15.1R6-S6, 15.1R7 | affected |
| Juniper Networks | Junos OS | 15.1X49 < 15.1X49-D150 | affected |
| Juniper Networks | Junos OS | 15.1X53 < 15.1X53-D233, 15.1X53-D59 | affected |
| Juniper Networks | Junos OS | 16.1 < 16.1R3-S8, 16.1R4-S8, 16.1R7 | affected |
| Juniper Networks | Junos OS | 16.2 < 16.2R2-S6 | affected |
| Juniper Networks | Junos OS | 17.1 < 17.1R2-S6, 17.1R3 | affected |
| Juniper Networks | Junos OS | 17.2 < 17.2R2-S3, 17.2R3 | affected |
| Juniper Networks | Junos OS | 17.3 < 17.3R2-S4, 17.3R3 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2 | affected |
Weaknesses
- Denial of Service
Workarounds
No known workaround exists for this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.