CVE-2019-0065
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending a crafted SIP packet, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on MX Series: 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R3-S6 ; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S3; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 16.1 < 16.1R7-S5 | affected |
| Juniper Networks | Junos OS | 16.2 < 16.2R2-S11 | affected |
| Juniper Networks | Junos OS | 17.1 < 17.1R3 | affected |
| Juniper Networks | Junos OS | 17.2 < 17.2R3-S3 | affected |
| Juniper Networks | Junos OS | 17.3 < 17.3R3-S6 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2-S8, 17.4R3 | affected |
| Juniper Networks | Junos OS | 18.1 < 18.1R3-S3 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R3 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R2 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R2 | affected |
Weaknesses
- DoS
Workarounds
Disable the use of the SIP application layer gateway (ALG) configuration if not needed.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.